View previous topic :: View next topic
|
Author |
Message |
ssprabhu
New User
Joined: 25 Apr 2005 Posts: 67 Location: pune
|
|
|
|
hai all,
how to denied the access to purge the USER-ID |
|
Back to top |
|
|
vidhyanarayanan
New User
Joined: 23 Dec 2005 Posts: 52
|
|
|
|
HI,
Make ur user id RACF protected. U can do it only if u have admin
authority.... |
|
Back to top |
|
|
ssprabhu
New User
Joined: 25 Apr 2005 Posts: 67 Location: pune
|
|
|
|
Thank u all |
|
Back to top |
|
|
KS
New User
Joined: 28 Feb 2006 Posts: 91 Location: Chennai
|
|
|
|
Hi Vidhya ,
Can u please tell me how to make the user id RACF protected?
Thanks,
KS |
|
Back to top |
|
|
vidhyanarayanan
New User
Joined: 23 Dec 2005 Posts: 52
|
|
|
|
hi
It means ur user id should have an entry in RACF database. Imagine
that u r joinin a project as a new user, u r provided with access through
RACF. U can navigate thro S option in ISPF menu. u can proceed only if u
have administration authority. |
|
Back to top |
|
|
vidhyanarayanan
New User
Joined: 23 Dec 2005 Posts: 52
|
|
|
|
Any way ur user id will be protected before use. |
|
Back to top |
|
|
shyp316
New User
Joined: 14 Jun 2006 Posts: 2
|
|
|
|
Hi,
Your security admin can help you to avoid your userid being purged by the other guys. He can use the JESSPOOL class or the OPERCMDS class to stop other people to issue the purge command.
Regards,
Shaun |
|
Back to top |
|
|
dave0260
New User
Joined: 25 Jul 2006 Posts: 1 Location: Central U.S.
|
|
|
|
IF you run a periodic process to remove userids from RACF, you may want to hard-disable the ids before the process runs.
In our shop, I do this as follows:
(1) Disable the UserId:
"CO ?usrid? GROUP(EXILE)" /* connect user to a null access group */
"ALU ?usrid? DFLTGRP(EXILE) OWNER(EXILE) RESTRICTED REVOKE" /* Make the null-access group the default and owning group, then revoke & restrict the id */
"ALU ?usrid? NOTSO NOOMVS" /* remove TSO & OMVS information */
"RE ?usrid? GROUP(xGRPx)" /* disconnect userid from all groups in LU output */
(2) Datasets: If the ID is to be deleted then either rename or delete any associated datasets before attemtping to delete a userid
When you get around to running IRRRID00 for the UserId(s), they are in a condition to be identified and dealt with more efficently. They reside in one group, it has no access, and the connect date is the date it was disabled.
Remember to refresh your RACF in-storage profiles.
Rememebr to delete the associated catalog alias. |
|
Back to top |
|
|
|