IBM Mainframe Forum Index
 
Log In
 
IBM Mainframe Forum Index Mainframe: Search IBM Mainframe Forum: FAQ Register
 

Security Database Name and Location


IBM Mainframe Forums -> All Other Mainframe Topics
Post new topic   Reply to topic
View previous topic :: View next topic  
Author Message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Thu Nov 10, 2011 11:29 pm
Reply with quote

Does anyone know of a SAF query that will provide the name and volser of the currently active security system (ACF2, RACF, TSS) database? Any other documented method of obtaining that information would be okay too.

Thanks,

Tom
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Thu Nov 10, 2011 11:47 pm
Reply with quote

what is the business need for such info ?
if You have the need to know Your support will be glad to help You !
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 12:13 am
Reply with quote

enrico-sorichetti wrote:
what is the business need for such info ?
if You have the need to know Your support will be glad to help You !


What is you business need to know what my business need is for asking such a straightforward question? I clearly asked for documented methods. If a method is documented somewhere and someone can help me find it, why are you concerned? icon_evil.gif
Back to top
View user's profile Send private message
dick scherrer

Moderator Emeritus


Joined: 23 Nov 2006
Posts: 19244
Location: Inside the Matrix

PostPosted: Fri Nov 11, 2011 12:17 am
Reply with quote

Hello and welcome to the forum,

Suggest you speak with the Security Admins for your system.

Not sure i've ever heard of a specific volser for this. When you talk with your security people, explain just why you want this info.
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Fri Nov 11, 2011 12:20 am
Reply with quote

since you are the one asking for help You have no reason to be rude..

replying is
on our own time
free of charge
interest of the question
attitude of the person asking

..

if You want to get help it might be wiser for to change Your attitude icon_evil.gif
we expect respect for our time and for sharing with You our knwolege
if You do not like ....

in other words that You might understand more easily ...
if You have the business need You should ask You support
if You do not have one then there is no reason for anybody on these forums to help You do something You are not supposed to
Back to top
View user's profile Send private message
don.leahy

Active Member


Joined: 06 Jul 2010
Posts: 765
Location: Whitby, ON, Canada

PostPosted: Fri Nov 11, 2011 12:25 am
Reply with quote

Most of the people who post questions on this forum are application programmers, so naturally there is some suspicion when a new member asks a question in a sensitive subject area that is traditionally outside of the application programmer's "need to know". It is nothing personal.
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 12:40 am
Reply with quote

Thanks for the warm welcome to the forum Enrico. When I post a legitimate message asking for help and the moderator essentially tells me I shouldn't be asking the question it makes me question the value of the forum. I belong to many other forums and have never been treated with such disrespect. Maybe you should check your own attitude.

I develop a DASD tool and wish to programmatically avoid security related volumes. I don't own the security products so I have no "support". As I said, if someone can help answer my question it would be appreciated.
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 12:46 am
Reply with quote

dick scherrer wrote:
Hello and welcome to the forum,

Suggest you speak with the Security Admins for your system.

Not sure i've ever heard of a specific volser for this. When you talk with your security people, explain just why you want this info.


Thanks Dick - I can research this myself, I just thought someone here might know the answer and save me some time.
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Fri Nov 11, 2011 12:48 am
Reply with quote

Quote:
Thanks for the warm welcome to the forum Enrico

Horse manure!

I was not offensive .
Quote:
Maybe you should check your own attitude.

I was just using the due diligence to make sure that the info I post would not hurt anybody
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 12:50 am
Reply with quote

don.leahy wrote:
Most of the people who post questions on this forum are application programmers, so naturally there is some suspicion when a new member asks a question in a sensitive subject area that is traditionally outside of the application programmer's "need to know". It is nothing personal.


Hi Don - maybe I should have reviewed some of the other posts to get a better flavor for the forum before getting involved. I expected to get some legitimate feedback, not a brick wall. Thanks for trying to explain but this forum may not suit my needs.
Back to top
View user's profile Send private message
dick scherrer

Moderator Emeritus


Joined: 23 Nov 2006
Posts: 19244
Location: Inside the Matrix

PostPosted: Fri Nov 11, 2011 12:53 am
Reply with quote

Hello,

Quote:
I don't own the security products so I have no "support".
Someone must support the security software for the system. . .

Possibly you could talk with the storage management people? Or a systems programmer?

Everywhere i've been the naming and placement of "things" is site-specific so there may not be a "one answer fits all" available.
Back to top
View user's profile Send private message
Akatsukami

Global Moderator


Joined: 03 Oct 2009
Posts: 1788
Location: Bloomington, IL

PostPosted: Fri Nov 11, 2011 12:58 am
Reply with quote

To enlarge upon Dr. Sorichetti's and Mr. Leahy's replies, we have actually had people post such questions as "How do I evade my client's border security and surf restricted web sites from work?" These are -- without offense to my fellow posters -- rather low-grade fora, with a large minority of poorly-educated and openly dishonest members (albeit they seldom make more than one or two posts). Attitudes range from "Why do you want to know that?", "Why are you unwilling to ask your in-house support?", and "Don't you realize that doing that could get you fired?" to my own high-functioning sociopathy, where I tell querents, "Here's how to light the fuse on that stick of dynamite that you're holding...".
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 1:01 am
Reply with quote

enrico-sorichetti wrote:
Quote:
Thanks for the warm welcome to the forum Enrico

Horse manure!

I was not offensive .
Quote:
Maybe you should check your own attitude.

I was just using the due diligence to make sure that the info I post would not hurt anybody


Since I was offended, you apparently were offensive to me. All that aside, I apologize for adding the "devil eyes" to my post back to you and getting us off on the wrong foot... I'll try to keep the "horse manure" to minimum from now on icon_wink.gif
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 1:15 am
Reply with quote

dick scherrer wrote:
Hello,

Quote:
I don't own the security products so I have no "support".
Someone must support the security software for the system. . .

Possibly you could talk with the storage management people? Or a systems programmer?

Everywhere i've been the naming and placement of "things" is site-specific so there may not be a "one answer fits all" available.


Dick - I already have a solution for this issue for RACF (which is the security system installed where I develop). However, it is not generic. I'd like to use a generic SAF query to get this information regardless of what security system is installed. I just don't know if there is such a query or what it might be if there is one.

Talking to sysprogs and disk jockeys on this topic is pointless... I develop the software they use and they're asking for the feature icon_exclaim.gif

Thanks,

Tom
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 1:18 am
Reply with quote

Akatsukami wrote:
To enlarge upon Dr. Sorichetti's and Mr. Leahy's replies, we have actually had people post such questions as "How do I evade my client's border security and surf restricted web sites from work?" These are -- without offense to my fellow posters -- rather low-grade fora, with a large minority of poorly-educated and openly dishonest members (albeit they seldom make more than one or two posts). Attitudes range from "Why do you want to know that?", "Why are you unwilling to ask your in-house support?", and "Don't you realize that doing that could get you fired?" to my own high-functioning sociopathy, where I tell querents, "Here's how to light the fuse on that stick of dynamite that you're holding...".


Can you run fast??? icon_lol.gif
Back to top
View user's profile Send private message
Akatsukami

Global Moderator


Joined: 03 Oct 2009
Posts: 1788
Location: Bloomington, IL

PostPosted: Fri Nov 11, 2011 1:29 am
Reply with quote

Tom Storms wrote:
Akatsukami wrote:
Attitudes range from "Why do you want to know that?", "Why are you unwilling to ask your in-house support?", and "Don't you realize that doing that could get you fired?" to my own high-functioning sociopathy, where I tell querents, "Here's how to light the fuse on that stick of dynamite that you're holding...".


Can you run fast??? icon_lol.gif

I instruct them from a distance icon_wink.gif
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Fri Nov 11, 2011 1:36 am
Reply with quote

We certainly started with the wrong foot icon_biggrin.gif

I am just repeating what can be found in the general RACF documentation

Quote:
the info about the RACF database names is contained into the ICHRDSNT table yacc, yacc, yacc :d


You can start from here for the zOS level You are interested
www-03.ibm.com/systems/z/os/zos/bkserv/index.html

but just curios what do You need the RACF database names for
( You might need to process up to 90 primary and 90 alternates )

I am very sensitive about security issues ( professional habit )
and somehow bothered by the fact that most of the people asking on these forums
are just concerned with just the low level technicalities,
disregarding completely the good IT practices

the reply You received was my standard reply for security related questions

the TS might have legitimate reasons to ask, but better to look rude than look stupid icon_cool.gif

BTDTGTTS
quite a few times I had to <manage> customers wrongdoings due to strange <consultancies> received on the net
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 3:05 am
Reply with quote

enrico-sorichetti wrote:
We certainly started with the wrong foot icon_biggrin.gif

I am just repeating what can be found in the general RACF documentation

Quote:
the info about the RACF database names is contained into the ICHRDSNT table yacc, yacc, yacc :d


You can start from here for the zOS level You are interested
www-03.ibm.com/systems/z/os/zos/bkserv/index.html

but just curios what do You need the RACF database names for
( You might need to process up to 90 primary and 90 alternates )

I am very sensitive about security issues ( professional habit )
and somehow bothered by the fact that most of the people asking on these forums
are just concerned with just the low level technicalities,
disregarding completely the good IT practices

the reply You received was my standard reply for security related questions

the TS might have legitimate reasons to ask, but better to look rude than look stupid icon_cool.gif

BTDTGTTS
quite a few times I had to <manage> customers wrongdoings due to strange <consultancies> received on the net


Thanks Enrico! I technically don't need the data set names - I'm interested in knowing which volumes the data sets are on. It's just that those two seem to travel in pairs...
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Fri Nov 11, 2011 3:12 am
Reply with quote

as far as RACF is concerned You will never get them thru RACF control block

the ICHRDSNT contains just the dataset names, and they will be located thru a standard catalog search

so I dare to say that You might forget about getting that info in a simple way ...
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 3:23 am
Reply with quote

enrico-sorichetti wrote:
as far as RACF is concerned You will never get them thru RACF control block

the ICHRDSNT contains just the dataset names, and they will be located thru a standard catalog search

so I dare to say that You might forget about getting that info in a simple way ...


Yeah, as I mentioned to Dick earlier, I already have a solution for RACF that works fine. However, what I really want is a generic solution for ANY security system that might be running (RACF, ACF2, TSS). SAF is the interface that provides access to the security system. I thought someone might know how to get the information from SAF. I really don't want to hack a different solution for each vendor product.
Back to top
View user's profile Send private message
Tom Storms

New User


Joined: 10 Nov 2011
Posts: 11
Location: USA

PostPosted: Fri Nov 11, 2011 3:40 am
Reply with quote

Akatsukami wrote:

I instruct them from a distance icon_wink.gif


A truly wise man...
Back to top
View user's profile Send private message
dick scherrer

Moderator Emeritus


Joined: 23 Nov 2006
Posts: 19244
Location: Inside the Matrix

PostPosted: Fri Nov 11, 2011 4:02 am
Reply with quote

Hello,

Quote:
I really don't want to hack a different solution for each vendor product.
Well, the good news is there are only 3 and you have one in hand icon_smile.gif

You might ask CA if there are any common SAF queries for their 2 mainframe security products (acf2/tss). . .
Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   Reply to topic View Bookmarks
All times are GMT + 6 Hours
Forum Index -> All Other Mainframe Topics

 


Similar Topics
Topic Forum Replies
No new posts Mainframe openings in Techmahnidra fo... Mainframe Jobs 0
No new posts What database does Jobtrac use CA Products 4
No new posts Capturing COBOL job and program names... All Other Mainframe Topics 2
No new posts Issue with EXEC CICS QUERY SECURITY c... CICS 6
No new posts Products/Tools to Optimize Adabas Dat... Compuware & Other Tools 2
Search our Forums:

Back to Top