IOA verifies if the user is authorized to use the user ID (owner) in the balancing mission definition.
RACF Security
For this verification:
Entity Checked: owner.SUBMIT
Class: SURROGAT
where owner is the user ID specified as the owner of the Control‑M/Analyzer balancing mission.
If the logged on user is allowed to submit jobs on behalf of another user, the user is also allowed to order Control‑M/Analyzer balancing missions owned by that user.
The commands to permit USERA to order a balancing mission with an owner of USERB are:
RDEFINE SURROGAT USERB.SUBMIT UACC(NONE)
PERMIT USERB.SUBMIT ACCESS(READ) ID(USERA) CLASS(SURROGAT)
TopSecret Security
The TopSecret Application Interface module (TSSAI) is called with the following parameters:
Resource Class: ACIDCHK
Resource Name: userid (as specified in the OWNER field)
where userid is the user ID specified as the owner of the Control‑M/Analyzer balancing mission.
If the logged on user is allowed to submit jobs on behalf of another user, it is assumed that the user is also allowed to order Control‑M/Analyzer balancing missions owned by that user.
The command to permit USERA to order a balancing mission with an ownerid of USERB is:
TSS PERMIT(USERA) ACID(USERB)
ACF2/SAF Security
For this verification:
Entity Checked: $SUBMIT.owner
Class: FACILITY
where owner is the user ID specified as the owner of the Control‑M/Analyzer balancing mission.
The ACF2 commands to permit USERA to order a balancing mission with an owner of USERB are:
SET RESOURCE(CMF)
COMP
$KEY($SUBMIT.USERB) TYPE(CMF)
UID (USERA) ALLOW
Parent Topic |