Resources › CACMD Resource Class—Secure CA Commands

CACMD Resource Class—Secure CA Commands

Valid on z/OS and z/VM.

Use CACMD to secure other CA Product commands and programs.

When used with TSS ADDTO/REMOVE, this resource class has the following format:

TSS ADDTO(acid) CACMD(prefix(es))

Prefix length

One to eight characters

Capacity of list

One to five prefixes per TSS command

When used with TSS PERMIT/REVOKE, this resource class has the following format:

TSS PERMIT(acid) CACMD(prefix(es))

Prefix length

One to forty‑four characters

Capacity of list

One to five prefixes per TSS command

CACMD is used with:

• The commands CREATE, ADDTO, REMOVE, PERMIT, REVOKE, ADMIN, DEADMIN, WHOOWNS, and WHOHAS
• The ACID types User, Profile, Department, Division, Zone, DCA, VCA, ZCA, LSCA, SCA, and MSCA when used with TSS ADD/REMOVE
• The ACID types User, Profile, DCA, VCA, ZCA, LSCA, SCA, and MSCA when used with TSS PERMIT/REVOKE
• CACMD(OWN) authority to ADD or REMOVE Authority to control access of CA product specific commands owned
• CACMD(XAUTH) authority to PERMIT or REVOKE the Authority to CA product specific commands, functions and programs

The administrator can use any of the following methods to control access to CACMD resources: Expiration, Facility, Time/Day, and Actions.

Examples: CACMD resource class

This example gives PRDCNTL ownership of the BrightStor™ CA‑1® command named LOINQUIR:

TSS ADDTO(PRDCNTL) CACMD(LOINQUIR)

This example removes ownership:

TSS REMOVE(PRDCNTL) CACMD(LOINQUIR)

This example permit ACID, TAPELIB, the ability to use the BrightStor CA‑1 command, CATALOG:

TSS PERMIT(TAPELIB) CACMD(CATALOG)

This example enables all users to issue the BrightStor CA‑1 command INQUIRE:

TSS PERMIT(ALL) CACMD(INQUIRE)