Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Establishing authorization for VSAM RLS z/OS DFSMSdfp Storage Administration SC23-6860-01 |
|
To establish authorization to access VSAM RLS resources, assign a RACF attribute of PRIVILEGED or TRUSTED to the VSAM RLS server address space, SMSVSAM. With PRIVILEGED, most RACROUTE REQUEST=AUTH macro instructions
done for SMSVSAM are considered successful, without any checking being
performed. The checking done for the CHKAUTH operand on the RACROUTE
REQUEST=DEFINE macro instruction is also bypassed. All other RACF
processing occurs as usual. RACF does not:
TRUSTED is similar to PRIVILEGED. Most RACROUTE REQUEST=AUTH macro
instructions that are done for SMSVSAM are considered successful,
without any checking being performed. RACF does not:
If the VSAM RLS server address space is neither PRIVILEGED nor TRUSTED, grant the SMSVSAM server the appropriate access authorization:
You should also ensure that only those users who need the capability, such as CICS subsystems, have access to register a subsystem name to SMSVSAM. Use the RACF subsystem name class to restrict this access. For more information, refer to CICS Transaction Server for z/OS Release Guide, at CICS Transaction Server for z/OS Information Center. |
Copyright IBM Corporation 1990, 2014
|