Also the RACF-L discussion list is a much better place to seek information on
this topic (not that people here aren't helpful and knowledgeable):
lists...@listserv.uga.edu - RACF-L - subscription instructions are found at the
start of every piece of IBM RACF documentation.
Cheers - Mike
-
Hi Peter,
Radoslaw and I probably spend more time over on the RACF_L list than here on
IBM-MAIN, but I still like to keep an eye open here.
The use of ID(*) ACCESS(READ) is well known among the RACF community as the
'preferred' option to UACC nowadays, and the reason you cite is indeed
mention
No Bob - I meant UACC(READ) or its equivalent. I just don't see what gate is
being closed by insisting that LinkList or LPA libraries must have UACC(NONE),
when, as you confirm, they cannot be fetch protected and therefore the content
is available to anyone on the system anyway.
Cheers - Mike
Hi Rob - is it now considered less than best practice to allow Linklist and LLA
etc to fall under UACC(READ) or ID(*) READ profiles? MY recollection is that
these libraries are not fetch protected, and therefore there is little common
sense in having them anything other than UACC(READ)... Chee
The last major RACF project I architected was for something I presume would
probably fit your clients bill here. Some of the necessary elements we
incorporated were:
Delegated (though not via RACF means) Ownership of all RACF general resource
and dataset profiles - thereby making sure that the
Hi Radoslaw,
You can find the list that IBM recommends in the MVS Init and Tuning Guide:
https://www-40.ibm.com/servers/resourcelink/svc00100.nsf/pages/zOSV2R3sa231380/$file/ieae200_v2r3.pdf
I worked at one site many years ago where the local specialist had actually
tested across multiple IPL'
Being a RACF geek and a contractor for roughly half my career I've seen most of
the conventions people have shared here in this thread. The best laugh I get
talking with other mainframe geeks though was from a large bank where the
algorithm went:
First 5 letters of SURNAME + first initial of f
You don't need to concern yourself with *how* the user is (or is not) given
access to the resource. You don't need to concern yourself with which RACF
profile protects the resource either. You just pass the necessary information
about the user, the access level being requested and the resource
I sent this privately to the OP at first, who liked it and suggested I re-send
it to the entire group as the thread is already OT and others might like the
story also.
My father, 86 now, became fascinated with computers in the late 50's early 60's
during his first career as a surveyor and map
That's a brilliant read, thanks for posting. Amazing to see the perspective of
an early CIO in action considering the S360 offerings against their competitors
as things looked to them at the time. And also a brilliant exposition of what
really happened at Xerox from someone with a seat at the
As an Australian I can vouch for the veracity of the noted definition of the
word 'root', although I would also suggest that this usage was almost always
confined to a younger generation and seems to be someone one grows out of. :-)
Then there is the standard Aussie joke we tell about Kiwi's (a
It looks very much like the z/Assure from Key Resources and Ray Overby were
doing, which I note is now offered via BMC.
Cheers - Mike
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@list
Hi Kayhan,
I see you received suitable answers to your questions on the IBM forum for
zSecure here:
https://community.ibm.com/community/user/security/communities/community-home?communitykey=44eb7c0d-9bc2-419b-9158-ad693e734065&tab=groupdetails
I would recommend anyone working with any of the
Is no-one aware of Master the Mainframe competition for students?
https://en.wikipedia.org/wiki/Master_the_Mainframe_Contest
And the Academic Initiative, under which the classes mentioned by Wayne are run
(Wayne and I worked on these together back in the day):
https://www.ibm.com/it-infrastru
Unfortunately the SEARCH command only applies to the user executing the
command. Returning the profiles that *you*, the executing user, have access
to. I think what Vignesh is asking for is a list of the profiles for a given
user when asking the question as an administrator.
Others have point
To try and answer the OP's questions:
Support: pretty much on your own wrt IBM, there are forums, and you can get
general advice about the z/OS, sub-systems and applications in places like here
of course. In any case as it cannot legally be used for real workload, support
shouldn't really be
One of the funniest things I recall was attempting to understand the
documentation. I wish I had kept some of the old manuals just for a laugh.
Apparently they had been translated from the IBM documentation into Japanese,
and then translated back into English. They were both awful, difficult
The first ten years of my mainframe career I never saw a true IBM installation.
First I worked with a Fujistu and MSP, then I moved to a shop that had Amdahl
kit, and after that a shop that was Hitachi. At least for the Amdahl and
Hitachi the OS was really MVS, OS/390 etc.
The Fujitsu environ
s the
same, wherever they are found?
Some other option?
Thanks for taking the time,
Regards - Mike Cairns
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the me
19 matches
Mail list logo