Extended Definition Mode

Initial access to Screen 3

IOASECUR is called to issue a security check for authorization. The CLASS checked is FACILITY; the entity checked is $$CTMPNL3.qname.

Subsequent Operations in Screen 3

The actions (for example, hold, delete, rerun, and so on) are separated into different categories of access authority to the Active Environment screen (Screen 3).

The CLASS checked is FACILITY. The entity checked is $$JOBxrrr.qname.owner

where

owner is the owner specified in the Job Scheduling Definition screen (Screen 2)
x is the one‑digit action identifier

rrr is the three‑character identifier for each action, described in the following table:

Table 28 Action Identifiers

Action Identifier	Action	Description
1	ACT LOG SYS STA ZOO AES	Activate Log View sysout View statistics Zoom AutoEdit simulation
2	CNF FOK FRE HLD RRN RRN	Confirm Force OK Free Hold Rerun Restore
3	CHA PRI DEL EDI KIL	Change Change priority Delete, Undelete Edit JCL Kill an executing job

To permit USERA to hold jobs with an owner of USERB, use the following command:

RACF Security

PERMIT $$JOB2HLD.qname.USERB ACCESS(READ) ID(USERA) CLASS(FACILITY)

TopSecret Security

TSS PERMIT(USERA) ISMFAC($$JOB2HLD.qname.UDERB) ACC(READ)

ACF2/SAF Security

SET RESOURCE(CMF)

COMP

$KEY($$JOB2HLD.qname.USERB) TYPE(CMF)

UID(USERA) ALLOW

Parent Topic

Module CTMSE08