Security product authorization (for example, RACF®) is required to use the
nssctl command.
You must define a profile in the SERVAUTH class to enable control
over the
nssctl command function. The format of
the profile is as follows:
EZB.NETMGMT.sysname.sysname.NSS.DISPLAY
Where:
- sysname
- The system name of the system on which the nssctl command
is allowed to run.
Requirement: This profile must be defined on the
system where the NSS server is running and where the nssctl command
is issued.
Tips:
- If the security product is RACF,
you can use the control statements in the sample JCL job that is provided
in SEZAINST(EZARACF) to define this authorization. If the SERVAUTH
class is not active or if a matching SERVAUTH policy is not found,
the nssctl command request is rejected.
- Authorization is not required for the help option (nssctl
-?).