BUILD FORGE agent to z/OS - Security requirements

marisalondon · New User Joined: 21 Aug 2009 Posts: 10 Location: London

Hi!

Can anyone let me know what are the security requirements to allow execution of jcls via the Build Forge agent without using submit surrogat class?

Thanks.

expat · Posted: Fri Aug 21, 2009 11:56 am

Only your security people can tell you that. They set up the security infrastructure in a site specific way. There's no way that we can answer that question unless we happen to be your site security admin.

Anyway, the security admin in me always awakens at topics like this and I always think "Mmmmmmmmmmm, someone trying to sneak something in by the back door".

marisalondon · New User Joined: 21 Aug 2009 Posts: 10 Location: London

Thanks for your response expat.
Just need to understand a little bit more how to work with agents & service accounts... not much detailed info available.

Regards.

expat · Posted: Fri Aug 21, 2009 1:34 pm

It really is something that you need to discuss with your site security people. They will know better than anyone how the security is set up.

Also, by trial and error you will find the blocking points, allbeit slowly, and will need to get them resolved by site security before being able to continue.

Also, the RACF (Or whatever security product your site uses) and the section regarding "Product Security" in the product manual should give you some usefull pointers. Then there is always the vendor support which may have had to deal with similar problems in the past.

There probably is some information available, it's just knowing where to look.

marisalondon · New User Joined: 21 Aug 2009 Posts: 10 Location: London

Thanks expat. I have contacted both my security team & the vendor. That should solve my problem.

Regards.

expat · Posted: Fri Aug 21, 2009 2:41 pm

Hopefully so

We will have the country cousins from over the pond logging on later and they may have some other suggestions or information that might help.