 |
- When the TMP executes in the background, some TSO/E commands are
processed differently than when they execute in the foreground. For
example, a job that invokes the TMP in the background is authorized
to execute the ACCOUNT command, if the "USER=" field is not specified.
Therefore, for security reasons, you should either:
- RACF-protect or password-protect the UADS
- Write a JCL exit to limit access to the background TMP.
For more information about the differences in command processing
in the background, see z/OS TSO/E User's Guide.
- An unqualified data set name will not be prefixed with a user
ID, because "no prefixing" of data set names is the default in
the background. If you want a user ID prefixed to the data set names,
and are not defined to RACF®,
include the following command at the beginning of the SYSTSIN stream:
profile prefix(userid)
If
you are defined to RACF, you
do not have to include the profile prefix(userid) command
in the SYSTSIN stream. Instead, specify USER=userid on
the JOB card, and the user ID you specify is used as the prefix.
Read
also the following item about the requirement that a user must have
logged on and off at least once.
- If your batch job uses commands or subcommands in the SYSTSIN
stream that use user IDs not defined as TSO/E users (for example,
SEND or RECEIVE), consider the following requirement:
The TMP requires
user logon information found in either the user attribute data set
SYS1.UADS, or the TSO/E segment of the RACF data
base. This information is built through the LOGON and LOGOFF command.
Therefore, it is required that each referenced user is defined to
either UADS or to RACF, and
has performed a LOGON and LOGOFF command at least once.
|
z/OS TSO/E Customization
Copyright IBM Corporation 1990, 2014