Event Management › Implementation Process › Security

Security

Before a command is executed from the console GUI or through a message action using oprcmd, an authorization check is performed to verify that the user ID is permitted to execute the command.

On z/OS, the identity of the user entering the command is deduced, and the command and all the resources it accesses are performed under the context of the original user. Generally, this is performed in conjunction with the security controls available with your system security software such as CA ACF2, CA Top Secret, or RACF.

On other platforms:

• If CA security is not active, the user ID issuing the command must be in the "Users authorized to issue commands" list before the command can be executed. You can edit this list in the Event Management tab of the EM Settings notebook.
• If CA security is active, CA security must explicitly permit the user ID to execute that command. To do this, you must create a rule for the CA‑CONSOLE‑COMMAND asset type.