This section describes how to define your external security system resources.
Details are given for the three most common external security systems (CA ACF2, CA Top Secret, and RACF).
If your external security system is CA ACF2, then to define and activate the resources in CA ACF2, issue the following commands in TSO:
[ACF]
SET RESOURCE(FAC)
COMPILE *
$KEY(NETMASTR) TYPE(FAC)
ADMIN UID(USER1) SERVICE(READ) ALLOW
OPER UID(USER2) SERVICE(READ) ALLOW
NOPER UID(USER3) SERVICE(READ) ALLOW
MON UID(*) SERVICE(READ) ALLOW
STORE
[END]
Note: Instead of using TSO, you can use the ACFBATCH utility in JCL. If you do this, omit the [ACF] and [END] lines.
If your external security system is CA Top Secret, then to define and activate the resources in CA Top Secret, issue the following commands in TSO:
TSS ADD(dept) IBMFAC(NETMASTR)
TSS PER(USER1) IBMFAC(NETMASTR.ADMIN)
TSS PER(USER2) IBMFAC(NETMASTR.OPER)
TSS PER(USER3) IBMFAC(NETMASTR.NOPER)
TSS PER(USERPROF) IBMFAC(NETMASTR.MON)
If your external security system is RACF:
RDEFINE FACILITY NETMASTR.ADMIN UACC(NONE)
RDEFINE FACILITY NETMASTR.OPER UACC(NONE)
RDEFINE FACILITY NETMASTR.NOPER UACC(NONE)
RDEFINE FACILITY NETMASTR.MON UACC(READ) (see note)
SETROPTS RACLIST(FACILITY) REFRESH
Note: If you do not want to allow general browse access, specify:
RDEFINE FACILITY NETMASTR.MON UACC(NONE)
PERMIT NETMASTR.ADMIN CLASS(FACILITY) ID(USER1)
PERMIT NETMASTR.NOPER CLASS(FACILITY) ID(USER2)
Note: The default access is READ, which is sufficient.