Tracking SCRATCH Access From CATADELPROT(NO)

Document ID : KB000013419
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

Before changing the CA Top Secret control option CATADELPROT(NO) to CATADELPROT(YES), is there a way to determine where this is currently being used to allow a file to be deleted?

Answer:

Run TSSUTIL with the following: 

REPORT EVENT(ALL) RESCLASS(DATASET) DRC(B9) LONG 

Look for events with the following 

R-ACC A-ACC SRC/DRC SEC 

SCRATCH ALL OK-B9 CAT 

dsname 

 

The SRC/DRC of OK-B9 in the TSSUTIL report means the access was allowed due to a permission for the catalog dataset instead of a permission for the dataset to be deleted. 

NOTE: When the LONG option is specified, there are 2 lines for each event. The second line will contain the resource class and name.