Re: ACS routine based on RACF group

[Gibney, Dave]

> -----Original Message-----
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
> On Behalf Of R.S.
> Sent: Thursday, February 07, 2013 2:48 PM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: ACS routine based on RACF group
> 
> W dniu 2013-02-07 23:05, Gibney, Dave pisze:
> >> From z/OS v1r11.0   DFSMSdfp Storage Administration:
> >
> > &GROUP The RACF-defined default group associated with the user, or
> > the group specified in the GROUP keyword on the JCL JOB statement. If
> > the environment is recall or recover, &GROUP is set only if the
> > requester of the recall or recover is not a DFSMShsm authorized user.
> > When DFSMShsm invokes the ACS routines, &GROUP is the group
> > associated with &USER    Type: Literal    Max value: 8 characters
> 
> Well, RACF *default* group is not RACF current connect group, not always.
> (assuming GRPLIST in effect, which is typical setup)
> Usually user does not provide any group during logon, in this case his
> default group becomes current connect group.
> However user can provide other goup he's connected to. In this case
> current connect goup is the group provided.
> 
> This is the way how ARCCATGP works - it is not enough to be connected to
> the group, you hve to specify this group during logn (OK, I haven't
> checked it for a few version, maybe it's changed).
> 
> However my question came from other issue: I vaguely remember (vaguely!)
> that I created SPEC group in RACF and my SMS admin used it for ACS
> routines and anynone from this group was "special friend othe SMS". And
> the SPEC was not our default group...


I know I specify our equivalent of that group when I logon to TSO. 

My point really is that using &GROUP in ACS routines isn't as robust as I for 
one would like.

> 
> 
> --
> Radoslaw Skorupka
> Lodz, Poland
> 
> 
> 
> 
> 
> 
> --
> Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku
> przeznaczone wycznie do uytku subowego adresata. Odbiorc moe by
> jedynie jej adresat z wyczeniem dostpu osób trzecich. Jeeli nie jeste
> adresatem niniejszej wiadomoci lub pracownikiem upowanionym do jej
> przekazania adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie,
> rozprowadzanie lub inne dziaanie o podobnym charakterze jest prawnie
> zabronione i moe by karalne. Jeeli otrzymae t wiadomo omykowo,
> prosimy niezwocznie zawiadomi nadawc wysyajc odpowied oraz trwale
> usun t wiadomo wczajc w to wszelkie jej kopie wydrukowane lub
> zapisane na dysku.
> 
> This e-mail may contain legally privileged information of the Bank and is
> intended solely for business use of the addressee. This e-mail may only be
> received by the addressee and may not be disclosed to any third parties. If
> you are not the intended addressee of this e-mail or the employee authorised
> to forward it to the addressee, be advised that any dissemination, copying,
> distribution or any other similar activity is legally prohibited and may be
> punishable. If you received this e-mail by mistake please advise the sender
> immediately by using the reply facility in your e-mail software and delete
> permanently this e-mail including any copies of it either printed or saved to
> hard drive.
> 
> BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax
> +48 (22) 829 00 33, www.brebank.pl, e-mail: i...@brebank.pl
> Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego
> Rejestru Sdowego, nr rejestru przedsibiorców KRS 0000025237, NIP: 526-
> 021-50-88.
> Wedug stanu na dzie 01.01.2013 r. kapita zakadowy BRE Banku SA (w
> caoci wpacony) wynosi 168.555.904 zotych.
> 
> 
> ----------------------------------------------------------------------
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN