On Wed, 16 Aug 2006 10:02:49 -0400, Tim Hare <[EMAIL PROTECTED]> wrote:
>I think there's some confusion here. The area in the common exit >parameter area, which is part of the JMR, is (according to the IEFJMR >macro): > >JMRUSEID DS CL8 User-defined identification field > >This field is NOT a user ID field, it's an arbitrary field used by >customer exits for various purposes. The name is unfortunately confusing, >but it's not really the field to use for user identity. > >Many of the record types you mention already have a user ID field - for >example see SMF30RUD in the type 30 record which is defined as RACF user >ID but in reality is probably the user ID from whatever SAF-compatible >security system you have (Top Secret or ACF2 customers are welcome to >comment). > >I think if we examine all of the IBM record types, we'd probably not find >very many without the user ID field at all; this requirement may already >be satisfied. > >Tim Hare >Senior Systems Programmer >Florida Department of Transportation >(850) 414-4209 The list of SMF Records that I put into the SHARE requirement was obtained by searching the z/OS 1.4 SMF manual for "common exit parameter area". Most of the SMF records listed in the SHARE requirement only have one userid in them, which is the one that gets populated from the common exit parameter area. You mentioned SMF Type 30, which does in fact have more than one userid field in it. SMF30UIF gets populated from the common exit parameter area is in the Identification Section and was originally in the SMF Type 30 record. SMF30RUD was added at some point to the Identification Section. The SHARE requirement as written was to reduce complexity of the system and increase the scope of the audit trail by having an SMF option to determine if the system should do this or not. For compatability reasons, the default would probably be to not populate these fields. Of course, if the field was being used for something other than the SAF userid, the new option should not be activated. You are correct that references to RACF should be changed to SAF. Michael ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
