The CLASS checked is FACILITY. The entity used to check authorization is:
Table 78 CTTSE03 Extended Definition Authorization Entities
Entity |
Use |
---|---|
$$CTTBLP.qname.volser |
For parameter BLP. |
$$CTTBYPASS.qname.volser |
For parameter EXPDT when set to 98000. |
where:
volser: Volume serial number of the requested tape volume of a single volume file or the first volume of a multivolume file.
The commands listed below permit USERA to use JCL parameter BLP and to set JCL parameter EXPDT to 98000 for any tape volume.
For RACF:
RDEFINE FACILITY $$CTTBLP.qname.* UACC(NONE)
RDEFINE FACILITY $$CTTBYPASS.qname.* UACC(NONE)
PERMIT $$CTTBLP.qname.* ID(USERA) ACCESS(READ)
PERMIT $$CTTBYPASS.qname.* ID(USERA) ACCESS(READ)
For TopSecret:
TSS ADD(sec-administrator-dept) IBMFAC($$CTTBLP.qname)
TSS ADD(sec-administrator-dept) IBMFAC($$CTTBBYPASS.qname)
TSS PERMIT(USERA) IBMFAC($$CTTBLP.qname) ACC(READ)
TSS PERMIT(USERA) IBMFAC($$CTTBYPASS.qname) ACC(READ)
For ACF2/SAF:
SET RESOURCE(CMF)
COMP
$KEY($$CTTBLP.qname.************************) TYPE(CMF)
UID(USERA) ALLOW
$KEY($$CTTBYPASS.qname.*********************) TYPE(CMF)
UID(USERA) ALLOW
Parent Topic |