Step 2 RACF Security Definition Samples

Step 2.1 Control-M/Analyzer Security Definitions (Optional)

Step 2.2 Functions Security Definitions (Optional)

Step 2.3 Control Program Access to Datasets (Optional)

Select these steps to edit members CTBSRAC2, CTBSRAC3, or CTBSRAC4 in the IOA INSTWORK library.

Perform the following steps to define the required permissions.

1. Associate users with Extended Definition Mode.
   1. To define the entity $$CTBEDM.qname to RACF, use the following command:

      RDEFINE FACILITY $$CTBEDM.qname UACC(NONE)

   2. To authorize USERA to Extended Definition mode, use the following command:

      PERMIT $$CTBEDM.qname ID(USERA) CLASS(FACILITY) ACCESS(READ)

   3. Submit the job for execution.

      This job must run under a user or administrator who has authorization to enter these commands.

      Scan the output of the job for information and error messages. All job steps must end with a condition code of 0.

2. Define entities and user authorizations.

   For information about entities and user authorizations, see Control-M/Analyzer Basic Definition Security Calls, and Control-M/Analyzer Extended Definition Security Calls.

To authorize USERA access to a given Control‑M/Analyzer entity, use the following command:

PERMIT $$CTBnnn.qname CLASS(FACILITY) ID(USERA) ACCESS(READ)

where CTBnnn is the name of the Control‑M/Analyzer entity to be accessed.

All entity names for each Control‑M/Analyzer protected element appear in Control-M/Analyzer Basic Definition Security Callsfor Basic Definition mode and Control-M/Analyzer Extended Definition Security Calls for Extended definition mode.