Authorize SOLVE SSI Command Access

Preparing the IBM Communications Server › Authorize SOLVE SSI Command Access

Authorize SOLVE SSI Command Access

Note: If you are using CA ACF2 for z/OS, you do not need to perform this task unless it is set up to protect operator commands.

The Packet Analyzer issues VARY TCPIP commands. The user ID associated with your SOLVE SSI region must be authorized by your security system to issue these commands. The OPERCMDS resources to be accessed, and required access levels are as follows:

MVS.VARY.TCPIP: UPDATE access
MVS.VARY.TCPIP.PKTTRACE: CONTROL access

Example: Authorization in a CA ACF2 System that Protects Operator Commands

$KEY(MVS) TYPE(OPR)
VARY.TCPIP.- UID(uid_string) SERVICE(UPDATE) ALLOW
VARY.TCPIP.PKTTRACE UID(uid_string) SERVICE(DELETE) ALLOW

Example: Authorization in a CA Top Secret System

TSS PER(XXXXXX) OPERCMD(MVS.VARY.) ACCESS(All)

Example: Authorization in a RACF System

PE MVS.VARY.TCPIP.* CLASS(OPERCMDS) ID(uuuuuuu) ACCESS(UPDATE)
PE MVS.VARY.TCPIP.PKTTRACE CLASS(OPERCMDS) ID(uuuuuuu)
  ACCESS(CONTROL)