Rob van der Heij [EMAIL PROTECTED] wrote:
However, your security administrator may not like it. When you have an
ESM and audit invalid link attempts, your users may not know what
they're accused of. If you're not suspicious yet, read on.. ;-)
Sure, but if you have an ESM, won't you already have a
I have used access to specific members on SFS disks. If the user can
read the file and parse a specific item out of the first record, then
could do something special.
Tony Thigpen
-Original Message -
From: Huegel, Thomas
Sent: 01/22/2007 11:05 AM
I was recently coding some execs
From: Huegel, Thomas [EMAIL PROTECTED]
Date: Mon, January 22, 2007 11:05 am
As I was doing this I was thinking 'How many times over the past 30+ years
have I done this same type of coding? There must be a better way to identify
these different groups than to have tables or files with
RPN01 [EMAIL PROTECTED] wrote:
Just slightly outside the box... Could you use the eight digit account
field as a numeric index into a publicly accessable file and keep the
actual
parameter lines needed in that file? The file lines could be as long as
necessary, and with eight digits to index with,
On 1/23/07, Phil Smith III [EMAIL PROTECTED] wrote:
You could also use dummy deferred LINKs, I suspect:
However, your security administrator may not like it. When you have an
ESM and audit invalid link attempts, your users may not know what
they're accused of. If you're not suspicious yet,
cc
System
[EMAIL PROTECTED] Subject
ARK.EDU Re: A z/VM idea
Subject: Re: A z/VM idea.
Building on the idea, ANY virtual device would do. Could be a SPECIAL
device, virtual printer, reader, etc. Use CP Q V vdev instead of the
CP
LINK * vdev.
Mark Wheeler, 3M Company
Rob van der Heij
[EMAIL PROTECTED]
m
I was recently coding some execs that set up things like mdisk links and
certain 'privlages' for users within thier 'groups of responsibilty' ie
programmers can do programmer type functions supervisors can do programming
functions plus certain other supervisor functions etc.
As I was doing this I
You could add directory comments and parse the comments with some piping.
Huegel, Thomas wrote:
I was recently coding some execs that set up things like mdisk links and
certain 'privlages' for users within thier 'groups of responsibilty' ie
programmers can do programmer type functions
On 1/22/07, Huegel, Thomas [EMAIL PROTECTED] wrote:
Then I had an idea this would be a lot easier if there was a z/VM directory
entry called USERDATA that would be freeform and queryable ie Q UDATA. That
way one could id a user any way he wanted to and use or not use the values.
So you think
Then I had an idea this would be a lot easier if there was a
z/VM directory entry called USERDATA that would be freeform
and queryable ie Q UDATA. That way one could id a user any way
he wanted to and use or not use the values.
Does that make sense to anyone else?
Or is there something
Both DIRMAINT and VM:Secure have the ability to store and retrieve user
specified comment records in a CP Directory source entry. Each of these
comments has a tag identifier for easy retrieval by tag name.
Bob Bolch
it always should be.
Thanks
Tom
-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED]
Behalf Of Bob Bolch
Sent: Monday, January 22, 2007 10:19 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: A z/VM idea.
Both DIRMAINT and VM:Secure have the ability to store
Well, that's kind of what the ACIGROUP functionality is for, but it
really requires an ESM. The other problem is that you can be in only one
ACIGROUP at a time, so if you need combinations of privileges, you end
up defining n**2 possible groups.
If you have RACF or VM:Secure or some such,
On Monday, 01/22/2007 at 10:05 CST, Huegel, Thomas [EMAIL PROTECTED]
wrote:
I was recently coding some execs that set up things like mdisk links and
certain 'privlages' for users within thier 'groups of responsibilty' ie
programmers can do programmer type functions supervisors can do
On Monday, 01/22/2007 at 12:02 EST, David Boyes [EMAIL PROTECTED]
wrote:
Well, that?s kind of what the ACIGROUP functionality is for, but it
really
requires an ESM. The other problem is that you can be in only one
ACIGROUP at a
time, so if you need combinations of privileges, you end up
You can also use RACF groups just as a way to group users, that is, not even
grant permissions to the groups. Then an exec can use RACF LISTUSER to see
which groups the user is in.
My customer uses this approach in its system profile: when a user is in such
an application group, the application
PROTECTED]
Behalf Of Kris Buelens
Sent: Monday, January 22, 2007 12:00 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: A z/VM idea.
You can also use RACF groups just as a way to group users, that is, not even
grant permissions to the groups. Then an exec can use RACF LISTUSER to see
which groups
To get a directory entry: if you have access to DIRMAINt's minidisks, you
can use DIRME EXEC (part of DRM package) as a Pipe stage to get one or more
directory entries.
--
Kris Buelens,
IBM Belgium, VM customer support
2007/1/22, Huegel, Thomas [EMAIL PROTECTED]:
I don't have RACF.
I am
I have 4 groups of people and I put a LINK in the CP directory to the
misk that has the files they are authorized to use.
If someone falls into two groups I simply put two LINKs in the
directory.
/Fran Hensler at Slippery Rock University of Pennsylvania USA for 43 years
[EMAIL
are different.
From: Huegel, Thomas [EMAIL PROTECTED]
Reply-To: The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU
Date: Mon, 22 Jan 2007 10:45:44 -0600
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: A z/VM idea.
Thank-you everyone.
I had been using the ACCOUNT data but it has limitations i.e. only eight
21 matches
Mail list logo