Change JESJOBS profiles

Description: In z/OS V2R1, the new Job Modify SSI 85 defines additional resource names to the JESJOBS class. If any existing JESJOBS entity name matches one of the new resource names, it could result in unintended user authorization to modify job attributes. If necessary, update your JESJOBS profiles to avoid granting unintended user authority to modify jobs.

Element or feature:

z/OS JES2.

When change was introduced:

z/OS V2R1.

Applies to migration from:

z/OS V1R13 and z/OS V1R12.

Timing:

Before installing z/OS V2R1.

Is the migration action required?

Yes, if JESJOBS profiles could grant unintended authority to modify the job.

Target system hardware requirements:

None.

Target system software requirements:

None.

Other system (coexistence or fallback) requirements:

None.

Restrictions:

None.

System impacts:

None.

Related IBM Health Checker for z/OS check:

None.

Steps to take: Follow these steps:

Search for JESJOBS profile names which match any of the new JESJOBS resource names:
- SUBMIT.localnodeid.jobname.userid
- HOLD.nodename.userid.jobname
- RELEASE.nodename.userid.jobname
- PURGE.nodename.userid.jobname
- CANCEL.nodename.userid.jobname
- START.nodename.userid.jobname
- RESTART.nodename.userid.jobname
- SPIN.nodename.userid.jobname
- MODIFY.nodename.userid.jobname
- REROUTE.nodename.userid.jobname
For more information, see z/OS JES2 Initialization and Tuning Guide.
Ensure that your existing JESJOBS profiles grant the intended authority, given the new use of JESJOBS by the Job Modify SSI 85.
If any JESJOBS profile inadvertently allows user authority to Job Modify SSI 85 actions, update the profile or create a new profile, if necessary.

Reference information: See the following information: