Hi all, Since we defined following statement to protect our LU on mainframe, APPC cannot access the PRDLU01 becuase without owner information, is there anyone have same problem?
RDEFINE VTAMAPPL PRDLU01 UACC(NONE) OWNER(SYS1) PERMIT PRDLU01 CLASS(VTAMAPPL) ID(P428501) Thanks and regards On Sun, Jun 7, 2009 at 9:39 PM, Walt Farrell<wfarr...@us.ibm.com> wrote: > On Fri, 5 Jun 2009 22:58:10 +0800, Tommy Tsui <tommyt...@gmail.com> wrote: > >>but one of audit report shows that an invalid user try to access the >>APPC with "??????" jobid and userid...I don't know how to answer our >>auditor ? > > What, exactly, does the audit report say? Does it say someone tried to > access the APPC APPL, or does it say someone tried to sign on? > > Remember that APPC is a server, and as such, audit records related to it (as > well as ICH408I message) generally refer to its clients. It is most likely > that some user without an identity (e.g., some incoming APPC transaction > that did not specify a user ID) caused your audit record. And there is > nothing to tell the auditor, other than "someone without an identity tried > to use APPC, and the system properly failed the access, so don't worry about > it." Assuming, of course, that the SMF record indicated a failure. If it > indicated a success, you may have more work to do :) > > -- > Walt Farrell, CISSP > IBM STSM, z/OS Security Design > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
