Maybe this?
https://www.ibm.com/support/knowledgecenter/SSLTBW_2.4.0/com.ibm.zos.v2r4.ic
ha700/ControllingJobClassUsage.htm
Controlling job class usage
An installation can control job class usage by granting access based on the
submitter's profile, or based on the owner's profile, or both.
The control is based on the presence or absence of two FACILITY class
profiles:
If the profile JES.JOBCLASS.OWNER is defined in the FACILITY class, job
class profiles for owners are enforced.
If the profile JES.JOBCLASS.SUBMITTER is defined in the FACILITY class,
job class profiles for submitters are enforced.
If both profiles are defined in the FACILITY class, a job class must
pass both sets of profiles before it is considered valid.
If neither profile is defined in the FACILITY class, any job class can
be used.
Lizette
-----Original Message-----
From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of
Robert Hahne
Sent: Wednesday, May 6, 2020 2:04 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: TSO/E SUBMIT exit
Hi Lizette ,
Yes...we run JES2 and SDSF both
Regards,
Robert
________________________________
From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf of
Lizette Koehler <stars...@mindspring.com>
Sent: Thursday, May 7, 2020 2:27 AM
To: IBM-MAIN@LISTSERV.UA.EDU <IBM-MAIN@LISTSERV.UA.EDU>
Subject: Re: TSO/E SUBMIT exit
Do you run JES2? Do you have SDSF? Do you have z/OSEM?
Any tools?
Lizette
-----Original Message-----
From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of
Robert Hahne
Sent: Wednesday, May 6, 2020 1:35 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: TSO/E SUBMIT exit
Hello listers ,
I understand this is a RACF question . But thought someone can help me here
. We have a requirement where TSO submit exit IKJEFF10 needs to be
eliminated . Currently it is written to ensure only those users with
TSOAUTH(OPER) are allowed to submit jobs with any name . Rest of the users
are only allowed to submit jobs that begins with their USERID .
Also , the users are not allowed to issue JES commands in batch unless they
have TSOAUTH(OPER) . Can we get both of these requirements done using RACF
profiles ?
Any pointers are highly appreciated
Regards,
Robert
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email
to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email
to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email
to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
