If the installed security software is set up to do volume-level checking, you may need to code the IBM IEC.TAPERING facility profile. Update the profile to allow those individuals with read-only access to certain data sets to read the data sets after they are written to Virtual Volumes. The operating system automatically prevents an individual with read-only access to a 3480 or 3490 tape data set from mounting the tape when that data set was created by someone with alter access and the write ring is installed. The write ring is always considered installed for Virtual Volumes.
Allowing read access to the IEC.TAPERING facility does not override the existing data set level security. The security software stops any attempt by someone with read-only access to open the data set for output processing.
For information about the IEC.TAPERING facility, see the IBM SecureWay Security Server RACF Security Administrator's Guide.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|