Valid on z/OS, z/VSE, and z/VM.
Use the REMOVE command function to remove ownership of the keyword specified in the ADDTO function. Ownership cannot be removed until permitted access is revoked, if applicable. REMOVE is the functional opposite of ADDTO.
Issuing the REMOVE command to remove a profile for a signed-on ACID automatically triggers a type 71 RACF Event Notifications (ENF) signal, which provides notification about the change to the ACID's security record. Applications that receive the signal can take action (for example, immediately refreshing the ACID's security record in a CICS remote region).
This command function has the following format:
TSS REMOVE(acid) keyword[(operand)]
Specifies the ACID from which the resource or attribute ownership is being removed.
Specifies the type of resource or attribute being removed.
Specifies the specific prefix, name, or value of the resource or attribute. When the keyword is assigned with a unique operand value, the operand value can be omitted. The parentheses for the operand are still required.
Avoid mixing unrelated resources, fields, and keywords in the same ADD/REMOVE command for a user, to avoid ambiguities that might not be anticipated.
Example: Remove Keywords Explicitly
This example removes keywords explicitly:
TSS REMOVE(user1) NOLCFCHK
TSOLPROC(proc396)
TSOJCLASS(a)
Example: Remove Keywords Implicitly
This example removes the keywords implicitly:
TSS REMOVE(user1) NOLCFCHK
TSOLPROC()
TSOJCLASS()
Example: Specify a Resource Subfield when Removing a Resource from a User
When removing a resource from a user, the resource subfield must be specified. For example, the data set name added with the following command can only be removed explicitly:
TSS ADD(user1) DSNAME(xxxxxxx.yyyyyyy.zz)
The following specification removes the resource:
TSS REMOVE(user1) DSNAME(xxxxxxx.yyyyyyy.zz)
The following specification does not remove the resource:
TSS REMOVE(user1) DSNAME()
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|