In z/OS 2.1, JES2 and JES3 have new SAF calls to control the use of specific job classes. These SAF calls are triggered when users are permitted to either of the following IBMFAC class resources:
Checks whether the execution owner has access to the job class.
Checks whether the submitting user ID has access to the job class.
When users are permitted to these resources, JES2/JES3 issues resource checks for new JESJOBS resources. The new JESJOBS resources have the format (JOBCLASS.node.class.jobname).
If you decide to implement these controls, we recommend that you permit users to the JESJOBS resources before activating the controls with permits to the IBMFAC resources.
Example: Restrict Use of a Job Class for a Specific User
Issuing the commands in this example controls job class usage as follows:
TSS ADD(dept) IBMFAC(JES.JOBCLASS.OWNER) TSS ADD(dept) IBMFAC(JES.JOBLCASS.SUBMITTER) TSS ADD(dept) JESJOBS(JOBCLASS.N67) TSS PER(USER1) JESJOBS(JOBCLASS.N67.B) TSS PER(USER1) IBMFAC(JES.JOBCLASS.OWNER) TSS PER(USER1) IBMFAC(JES.JOBCLASS.SUBMITTER)
Specifies the department ACID to which you are assigning ownership of the resource. This department ACID is associated with the user for which you want to control job class usage.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|