On Mon, 5 Oct 2009 09:11:21 +0200, R.S. wrote:
>
>BTW: jobnames can be easily protected using standard RACF class JESJOBS.
>The profile is SUBMIT.nodename.jobname.userid
>One can define who (not a part of the profile) on what system (NJE
>node), what jobname, *with what OWNER* (the last qualifier).
>So even in shared RACF db environment there is a possibility that
>Group APPLPRG can submit job ABC12345 with owner PRODBTCH, but only on
>TEST system. And it is possible to prevent userid propagation - so TSO
>segment is not a problem.
>
Does the syntax permit a universal rule with wildcards, e.g.:
SUBMIT.nodename.&SYSUID.%.&SYSUID
... ? I.e. every user may submit (only) jobnames consisting of
the userid plus one character and only for his own userid? Or
must the administrator create a specific rule for each user?
And I have YA motive for eschewing the userid+1 practice: When I
submit a job from the SMP/E ISPF panels, SMP/E attempts to snag
the output with the OUTPUT (ugh!) TSO command. Fortunately, SMP/E
lets me edit the JCL before submission, so OUTPUT can't find it and
I can split the screen and examine it with SDSF, which I much prefer.
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
