Controlling the user ID of submitted jobs

Tivoli Workload Scheduler for z/OS can submit three kinds of jobs:

• Normal production jobs, which are submitted when their prerequisites in the current plan are fulfilled.
• Stand-alone cleanup jobs, which are submitted to run cleanup actions separately from the original job.
• Dialog jobs, which you can submit directly from a panel in the Tivoli Workload Scheduler for z/OS dialog.

Normal production jobs

Tivoli Workload Scheduler for z/OS submits production jobs to the internal reader, or starts started tasks, when all prerequisites are fulfilled. The JCL comes from the JS file (EQQJSnDS), the JCL job library (EQQJBLIB), or the job-library-read exit (EQQUX002). You can determine the authority given to a job or started task in several ways:

• You can submit work with the authority of the Tivoli Workload Scheduler for z/OS address space. The job or started task is given the same authority as the controller or tracker whose submit subtask actually submits the work. For example, work that is transmitted from the controller and then submitted by the tracker is given the authority of the tracker.
• Another method is to use the job submit exit, EQQUX001. This exit is called when Tivoli Workload Scheduler for z/OS is about to submit work.
  • You can use the RUSER parameter of the EQQUX001 exit to cause the job or started task to be submitted with a specified user ID. The RUSER name is supported even if the job or started task is first sent to a tracker before being started.
  • In certain circumstances you might need to include a password in the JCL to propagate the authority of a particular user. You can use the job-submit exit (EQQUX001) to modify the JCL and include a password. The JCL is saved in the JCL repository (JSn) data set before the exit is called, thus avoiding the need to store JCL with specific passwords. This method prevents the password from being visible externally. For more information about the job-submit exit, see Tivoli® Workload Scheduler for z/OS®: Customization and Tuning.

Stand-alone cleanup jobs

Their purpose is to run data set cleanup actions and can be submitted when:

• An automatic internal process takes place (for example, when cleanup type immediate is used and an operation ends in error)
• A Start Cleanup command is issued by a Tivoli Workload Scheduler for z/OS dialog or the Dynamic Workload Console.

Activate exit EQQUX001 to make sure that the submitter of the stand-alone cleanup job is the same as the submitter of the original job, otherwise the stand-alone cleanup job will run with the same authority as the controller or the tracker that submits it. The current EQQUX001 sample contains a procedure to set the RUSER value according to the value of the USER= keyword in the jobcard of the original job.

Dialog jobs

When you submit Tivoli Workload Scheduler for z/OS batch jobs from your TSO address space, they go through normal TSO functions. This means that you can submit any job allowed by TSO/E. Tivoli Workload Scheduler for z/OS makes no authority checks when the job is submitted.

For the Tivoli Workload Scheduler for z/OS batch job to run successfully, it must be authorized to reference the data sets it uses. The submitting TSO user might also need authorization to use a specific function. For example, a user could have update authority to the AD file but not have the authority to use the AD mass update function.