RACF Commands Translated for JMON (JES Job Monitor)

Document ID : KB000025393
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

For JMON (JES Job Monitor) and external security, the following RACF commands are needed. What are the CA Top Secret equivalent commands?

SETROPTS CLASSACT(CONSOLE)
RDEFINE CONSOLE JMON UACC(READ)
RDEFINE OPERCMDS JES2.** UACC(NONE)
PERMIT CLASS(OPERCMDS)JES2.** ID(userid or groupid)
ACCESS(CONTROL) WHEN(CONSOLE(JMON))

 

Answer:

The RACF commands converted are :

  1. SETROPTS CLASSACT(CONSOLE)

    No equivalent and not needed in CA Top Secret.

  2. RDEFINE CONSOLE JMON UACC(READ)

    TSS ADD(dept) TSOAUTH(CONSOLE)
    TSS PER(acid) TSOAUTH(CONSOLE)

    The user needs at least 1 TSO field on his acid in order for the TSOAUTH(CONSOLE) authority to be picked up.

  3. RDEFINE OPERCMDS JES2.** UACC(NONE)

    TSS ADD(dept) OPERCMDS(JES2.)

  4. PERMIT CLASS(OPERCMDS) JES2.** ID(userid or groupid) ACCESS(CONTROL) WHEN(CONSOLE(JMON))

    TSS PER(acid) OPERCMDS(JES2.) ACCESS(CONTROL)

There is no equivalent of 'WHEN(CONSOLE(JMON))' under CA Top Secret. A terminal restriction can not be placed on a TSS PERMIT command.

 

Additional Information:

Please refer to the CA Top Secret Command Function Guide for more details about the TSS ADD and TSS PERMIT command.