Question:
Some acids show the following administrative authorities in the TSS LIST output:
----------- ADMINISTRATION AUTHORITIES
LIST DATA = *ALL*,PROFILES,PASSWORD,SESSKEY
Wouldn't just "ALL" suffice? Why add on PROFILES, PASSWORD and SESSKEY?
Answer:
With the DATA administrative authority, ALL does not include PASSWORD, PROFILE, or SESSKEY. These have to be admin'd separately in addition to DATA(ALL) to allow the administrator to:
* List the ACID’s password information (expiration date and interval). DATA(PASSWORD)
* List the profile(s) attached to the ACID. DATA(PROFILE)
* List the session key used to verify that one LU is authorized to link to another LU for the purposes of APPC conversation processing. DATA(SESSKEY)
Additional Information:
https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/creating-security-administrators/assign-administrative-authority#AssignAdministrativeAuthority-Example:AssignDataAuthority