About Tasks
When you secure tasks, you control who can invoke a task.
Until you secure tasks, any user can invoke any task.
How to Secure Tasks
To secure tasks internally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=TASK, X
SECBY=INTERNAL
To secure tasks externally, include an entry in the SRTT:
#SECRTT TYPE=ENTRY, X
RESTYPE=TASK, X
SECBY=EXTERNAL, X
Additional parameters required
Note: For more information, see the following sections:
Task Occurrence Overrides
In the SRTT you can specify occurrence overrides for the task resource. If you secure tasks externally, you must specify an occurrence override to unsecure the SIGNON task. Without this override, any attempt to sign on will fail.
Unsecured Tasks
After task security is activated, you can allow a user to execute certain tasks, whether or not the user is signed on, by creating a category of those tasks and granting execution privilege on the category to group PUBLIC.
If you create a category of tasks which all users can execute if they are signed on, grant the privilege to a group of all users that you explicitly create, not to group PUBLIC.
For external run units such as local utility jobs and access through client/server technology, you must grant execute authority on tasks RHDCNP3S and RHDCNP3J to group PUBLIC or all groups. Alternatively, you can turn off security for tasks RHDCNP3S and RHDCNP3J by including an entry in the SRTT.
Tasks Started by the System
If signon and tasks are secured, the identifier of the user who submitted the job to start the system must be authorized to execute tasks that are created directly or indirectly by startup and shutdown autotasks. An autotask is defined in the AUTOTASK statement of system generation.
No security checking is performed for an autotask. However, any task invoked as a result of autotask execution will cause a security check for the task.
If signon and tasks are secured internally, take these steps to ensure that the tasks can be executed:
|
Copyright © 2014 CA.
All rights reserved.
|
|