Is there a way to prevent the use of the "A" and "E" MAI Primary Menu commands?

Document ID : KB000033152
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:  

Is there a way to prevent the use of the "A" and "E" MAI Primary Menu commands?

Answer: 

The "A" and "E" MAI Primary Menu commands start ALL sessions in a user's MAI session list. Entering either of these commands by mistake may be problematic if users have a large number of sessions defined, and may require the user to cancel all the sessions that were not needed. It is possible to block access to these commands in one of two ways, depending upon the security solution in use.

1. If a full security exit is used for Solve:Access:

    a. Review the full security exit source code and look for Structured Field 0202, MAI-FS A AND E COMMAND CAPABILITY, and set it to "N".

    Here is an example of what it should look like when set to block access to A and E MAI Primary Menu commands:

   MAICMD   DC    X'0202'         MAI-FS A AND E COMMAND CAPABILITY
            DC    X'0001'                                         
            DC    X'0001'                                         
            DC    CL1'N'          'Y' OR 'N' OMISSION ==> 'N'  

   b. Rerun the JCL to assemble and link-edit the exit.

   c. Restart the Solve:Access region to load the new security exit module. 

 

2. If a partial security exit (NMSAF or PARTSAF) or no security exit is used for Solve:Access:

    a. Log into the Solve:Access region and enter shortcut /UAMS at the user prompt to navigate to the User Access Maintenance (UAMS) menu. 

    b. List User or Group definitions as necessary to make the change.

    c. For each User or Group definition, go to page 8, MAI Details, and set the following field as shown and then save:

       A and E Commands ............. N        (Y/N)

    d. The change will be in effect at next logon for affected users.

 

After performing the above steps, affected users will see the following when the A or E command is attempted from the MAI Primary Menu:

CSNMXX------------------------ MAI : Primary Menu -----------------------------
Command ===> a                                                 FRI 20-NOV-2015 13.15
N53912 USER IS NOT AUTHORISED FOR A  COMMAND                     CSNMXX

 

Addition information:

Please review the Solve:Access Session Management Security Guide for additional information regarding the use of UAMS and full security exits.