Authorization through the TSS PERMIT function allows users to use designated resources in either an unlimited or specifically restricted manner. Restrictions are specified by incorporating the appropriate keywords into the PERMIT entry. For example, the following allows USER01 read-only access to the MAINT minidisk through VM, but only on the system that has an SMFID of TS01.
TSS PERMIT(USER01) VMMD(MAINT) FAC(VM) SYSID(TS01) ACCESS(READ) TIME(08,17) FOR(30)
Access is allowed only from 8 A.M. to 6 P.M. for a period of 30 days, commencing from the date of this entry.
Note: USER01 requires the ability to access VM through a previous CREATE/ADDTO FAC(VM) entry for the example to be valid. If no facility restriction had been specified above, then USER01 may have been able to access MAINT through any facility that is normally accessible.
For a list of all the keywords that can be associated with the PERMIT function, refer to the Command Functions Guide.
The Security Administrator needs RESOURCE(XAUTH) authority to PERMIT or REVOKE access to resources. The authority can be also be restricted to particular types of resources, such as MINIDISK(XAUTH).
Note that RES(XAUTH) is an atypical administrative authority in that it allows the administrator to assign or revoke access authorizations to any ACID--provided that the resource involved is within the administrator’s scope.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|