How to protect the SJ command?

Document ID : KB000050493
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

We want to remove the authorization of the SJ command in front of a job which has already run.

We cannot find this under SDSF documentation.

Solution:

To protect SJ you have to use JESSPOOL class as follows:

   Resource Name                          Class       Access    
    nodeid.userid.jobname.jobid.JCL        JESSPOOL     READ

Then e.g:

   TSS ADD(anydept) JESSPOOL(*.)    
    
    TSS PER(ALL) JESSPOOL(*.%) ACCESS(ALL)

These commands should allow any user to have all access to their own JESSPOOL resources and no access to others.