z/OS Security Server RACF General User's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Including the individual or group on the access list with ACCESS(NONE)

z/OS Security Server RACF General User's Guide
SA23-2298-00

By including the user or group on the access list with ACCESS(NONE), you make sure that the user or group cannot access the general resource. To deny access by assigning a user or group an access of NONE, enter the PERMIT command with the ACCESS keyword as follows: 
PERMIT profile-name CLASS(classname) ID(userid|groupname) ACCESS(NONE)
  • Example 1:
    To deny user Jones use of a terminal protected by general resource profile IDTERMS, type: 
    PERMIT IDTERMS CLASS(TERMINAL) ID(JONES) ACCESS(NONE)
  • Example 2:
    To deny groups DEPTD60 and DEPTD58 use of a terminal protected by general resource profile IDTERMS, type: 
    PERMIT IDTERMS CLASS(TERMINAL) ID(DEPTD60, DEPTD58) ACCESS(NONE)
These examples show only some of the operands that are available to use on the PERMIT command. The complete syntax of the PERMIT command, with descriptions of all the command operands, is described in z/OS Security Server RACF Command Language Reference. In particular, you might want to read about this operand:
  • RESET

    Deletes the entire contents of both the standard access list and the conditional access list of a profile.

Parent topic: Denying an individual or a group use of a general resource

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014