How TBESAF99 Works

Using the TBESAF99 Utility to Generate Security Profiles › TBESAF99 Utility › How TBESAF99 Works

How TBESAF99 Works

The TBESAF99 utility program uses a general definition language that will generate security system-specific control statements. The following points describe how the TBESAF99 resource definition generation process works:

During the generation process, TBESAF99 processes and verifies each control statement in the order in which it is submitted.
If the control statement is valid, TBESAF99 generates the associated security-specific entities into an output format defined on the SYSUT2 JCL statement.
If, however, a control statement is not coded correctly or another error is discovered, TBESAF99 rejects that statement and indicates the rejection reason on the control report.
After running TBESAF99 the security administrator should tailor the generated control statements by adding the appropriate PERMIT statements for RACF or CA Top Secret, or rule definitions for CA ACF2, depending on the security system being used.
To aid in problem determination, TBESAF99 generates a report that shows the control parameters submitted and any associated error messages. At the end of the report TBESAF99 returns a condition code to indicate whether the utility was successful or if errors were detected. The security system definitions are still generated if the utility returns a condition code of 04 (warning).

Tell Technical Publications how we can improve this information