I want to wind back a bit on this one:-
We do use RACF as an ESM and we do use LOGONBY (controlled by RACF
profiles) extensively.
I understand that any user with LOGONBY authority can log on and give any
of the commands mentioned but we would be extremely unhappy about these
users being able to give those commands on behalf of that user without
logging on. This should not be the assumption and, if it becomes so, then
there should be an easy way to revert to the current status :-
There are 2 issues here :-
1. Visibility
Searching RACF audit record is no substitute for seeing the
commands entered on the console of the user.
2. Serialisation
Insisting the user logs on (LOGONBY) ensures that they (and only
they) have control of that user at that time.\
I would be OK with the ability to enable the behaviour suggested but I
would be very unhappy for it to be the default that we had to find a
workaround for.
Colin G Allinson
Technical Manager VM
Amadeus Data Processing GmbH
T +49 (0) 8122-43 49 75
F +49 (0) 8122-43 32 60
[EMAIL PROTECTED]
http://www.amadeus.com
IMPORTANT - CONFIDENTIALITY NOTICE - This e-mail is intended only for
the use of the individual or entity shown above as addressees . It may
contain information which is privileged, confidential or otherwise
protected from disclosure under applicable laws . If the reader of this
transmission is not the intended recipient, you are hereby notified that
any dissemination, printing, distribution, copying, disclosure or the
taking of any action in reliance on the contents of this information is
strictly prohibited. If you have received this transmission in error,
please immediately notify us by reply e-mail or using the address below
and delete the message and any attachments from your system .
Amadeus Data Processing GmbH
Geschäftsführer: Eberhard Haag
Sitz der Gesellschaft: Erding
HR München 48 199
Berghamer Strasse 6
85435 Erding
Germany
