We decided to put Vantage Scripts under ENDEVOR control. In order to prevent updates outside of ENDEVOR
we just assigned READ access to users and the Vantage started task. This results in the following violations
during REFRESH of the scripts:
ICH408I USER(SAMS ) GROUP(group) NAME(####################)
SAMS.SCRIPTS CL(DATASET ) VOL(volser)
INSUFFICIENT ACCESS AUTHORITY
FROM SMLD.SCRIPTS (G)
ACCESS INTENT(UPDATE ) ACCESS ALLOWED(READ )
Why does the Vantage started task needs UPDATE access to the script libraries?
When scripts are refreshed, Vantage tries to update the PDS directory of the script
library with internal information, which requires UPDATE access to the Data Set.
If the PDS directory can't be updated due to missing UPDATE access, it can't be
garantueed, that the scripts will still work without any problem.
NOTE: in general we recommend to use the Scripts wizards from the windows or web client to create
or modify scripts, since these wizards check for valid syntax.
If ENDEVOR control should be used you might consider one of the following options:
1) Use the Vantage script wizards to maintain scripts and use message automation scripts for messages
VAN1577I UserId: %8S Changed Script Member: %8S in Dsn: %44S
VAN1578I UserId: %8S Deleted Script Member: %8S in Dsn: %44S
to submit ENDEVOR batch jobs to add/update scripts using the Vantage script library as source data set
or to delete scripts in ENDEVOR.
For example for creation or modification of scripts use the following message automation script for message VAN1577I:
TITLE=ADD/UPDATE scripts in Endevor
DESCRIPTION1=ADD/UPDATE scripts in Endevor to track changes
SET_FILTER=MCNTXT INCL VAN1577I/
This script submits job NDVRADD and uses substitution variables to set the Element name, Type and comment,
containing the Userid form the User who updated or created the script:
//ADDELEM EXEC PGM=NDVRC1,REGION=4096K,DYNAMNBR=1500,
//STEPLIB DD DISP=SHR,DSN=your.CSIQAUTU
// DD DISP=SHR,DSN=your.CSIQAUTH
//CONLIB DD DISP=SHR,DSN=your.CSIQLOAD
//C1MSGS1 DD SYSOUT=*
//C1MSGS2 DD SYSOUT=*
//SYSUDUMP DD SYSOUT=*
//GOA DD DISP=SHR,DSN=%%MCNTXT:10%%
//SYMDUMP DD DUMMY
//SYSOUT DD SYSOUT=*
//BSTIPT01 DD *
SET FROM DDN GOA .
SET OPTIONS OVE UPD CCID VANTSCR COMMENT 'ADD/UPDATE BY %%MCNTXT:3%%'
SET TO ENV 'ENV1'
TYP '%%MCNTXT:10(12,7)%%' .
ADD ELEMENT %%MCNTXT:7%% .
In the above example the TYPE is identical to the LLQ of the script library.
The script library used is GERCAI.VANT.AUTOSCR and the LLQ from the message is extracted
using TYP '%%MCNTXT:10(12,7)%%' resulting in TYPE AUTOSCR..
2) EDIT the Scripts in ENDEVOR, but don't use the BASE library in Vantage to prevent the ENDEVOR Footprint from being overwritten.
Create a GENERATE processor, which copies the Scripts to the Vantage script library, which is not under ENDEVOR control.
Allow UPDATE access for the Vantage STC user to this library, so it can update the PDS directory with the internal Vantage information.
Grant READ access only to all Vantage users, so that the scripts can't be modified manually outside of ENDEVOR.
NOTE: SECURSCR(Y) will not work in this case, since Vantage is not aware of the user, that has created the script.