> -----Original Message----- > From: IBM Mainframe Discussion List On Behalf Of Henke, George > > Does anyone know how ACF2 validates a users access to specific applications? > > Recently we tried to migrate from ACF2 to RACF and were forced to fallback because ACF2 was somehow > *wildcarding* a user's access to applications whereas RACF was iterating through a list of > applications.
??? Did you have the APPL class RACLISTed? If you want to "wildcard" user access to applications in RACF, first ensure you have generics enabled for the APPL class (SETR GENERIC(APPL) GENCMD(APPL) ), then define an APPL profile of ** with UACC(READ) and delete the rest of the APPL profiles; then RACLIST REFRESH the APPL class. If you later want to limit access to some applications, simply define more specific profiles for them with UACC(NONE) and an appropriate access list. > The resulting overhead across 1000's of users exhausted memory leaving no room for LSQA and producing > 878 abends. I think you had something mis-configured. -jc- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN