Assigning ownership for each individual resource may sound like an enormous task, but by using profile ACIDs and Generic Prefixing whenever possible you can greatly reduce the number of CA Top Secret command entries required.
You can define resources to CA Top Secret by their full name or through a generic prefix. Generic prefixing allows a group of similar resources in the same resource class to be defined to CA Top Secret simultaneously. For example, the IEHPROGM, IEHINIT, and IEHLIST programs could be grouped under the generic prefix “IEH.” That way, instead of entering:
TSS ADD(USER01) PGM(IEHPROGM) TSS ADD(USER01) PGM(IEHINIT) TSS ADD(USER01) PGM(IEHLIST)
you would enter:
TSS ADD(USER01) PGM(IEH)
Note: If you had added the NONGENERIC attribute to the PGM resource class in the RDT, you would enter:
TSS ADD(USER01) PGM(IEH(G))
That way the G would indicate that IEH is a generic prefix and not a fully qualified resource name.
Similarly, using generic prefixing, you could grant user ADM10MK access authorizations to all data sets whose first qualifier is ADM10.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|