Shareware Super Platinum 8

home *** CD-ROM | disk | FTP | other *** search

/ Shareware Super Platinum 8 / Shareware Super Platinum 8.iso / mac / DATABASE / DOCPROC1.ZIP;1 / SAMP-DOC.ZIP / SHARE.DOC < prev next >

Wrap

Text File | 1992-11-08 | 16.4 KB | 212 lines

************************************* * * * CREATING A RACF PROFILE * * * * * ************************************* John S. Ward 03/01/93 EJECT SHARING DATA SETS WITH OTHER USERS - PANEL 3.11 _________________________________________________________________________ | | | RACF - SERVICES OPTION MENU | | OPTION ===> 1 | | | | SELECT ONE OF THE FOLLOWING: | | | | 1 DATA SET ADD, CHANGE, DELETE, or DISPLAY the profile | | for a data set. | | | | T TUTORIAL View a general description of RACF. | | | |_________________________________________________________________________| The RACF (Resource Access Control Facility) Utility allows "customized" security profiles to be created for individual Data Sets (Discrete profile) or for groups of Data Sets (Generic profile). NOTE: allowing access to a Data Set allows access to ALL members within that Data Set. An access list may be specified. The following example creates a Discrete profile allowing universal read access. 1. To access the RACF Utility Menu enter 3.11 on the Primary Command line. 2. Select 1, from the Services Option Menu. _________________________________________________________________________ | | | OPTION ===> 1 | | | | SELECT ONE OF THE FOLLOWING: | | | | 1 ADD Add a profile D DISPLAY Display profile contents | | 2 CHANGE Change a profile S SEARCH Search RACF data set for | | 3 DELETE Delete a profile profiles | | 4 ACCESS Maintain access list | | 5 AUDIT Monitor access attempts | | (for auditors only) | | | | ENTER DATA SET PROFILE INFORMATION: | | | | PROFILE NAME ===> SAS.CNTL | | GENERIC ===> YES if the profile name is generic | | TYPE ===> Blank, MODEL, or TAPE | | VOLUME SERIAL ===> If the data set is not cataloged | | UNIT ===> If option 1 and VOLUME SERIAL entered | | DATA SET PASSWORD ===> If the data set is password protected | | | | USE MODEL PROFILE ===> YES if the profile is to be modeled | |_________________________________________________________________________| 3. Enter 1, for ADD, on the Option line. <TAB> to PROFILE NAME. 4. Enter the Project_name.Type_name. (The userid nor Member_name are required). Press <RET>. The ADD DATA SET PROFILE Panel will be displayed. EJECT __________________________________________________________________________ | | | RACF - ADD DATA SET PROFILE | | COMMAND ===> | | | | PROFILE NAME: SAS.CNTL | | | | ENTER OR CHANGE DATA SET PROFILE INFORMATION: | | | | OWNER ===> USGJSW USERID OR GROUP NAME | | LEVEL ===> 0 0-99 | | FAILED ACCESSES ===> FAIL FAIL or WARN | | UACC ===> READ NONE, READ, UPDATE, CONTROL, or ALTER | | AUDIT SUCCESSES ===> NOAUDIT READ, UPDATE, CONTROL, ALTER, or NOAUDIT | | AUDIT FAILURES ===> READ READ, UPDATE, CONTROL, ALTER, or NOAUDIT | | INDICATOR ===> SET SET, NOSET, or ONLY | | NOTIFY ===> Userid | | ERASE WHEN DELETED===> Blank or YES | | | | TO ADD OPTIONAL INFORMATION, ENTER YES: | | | | OTHER VOLUMES ===> NO SECURITY LEVEL/CATEGORIES ===> NO | | INSTALLATION DATA ===> NO | | ACCESS LIST ===> NO | | | | | |AltM Mainmenu:AltH Help:VT100: :LED : SA: : :FULL: - - : | |__________________________________________________________________________| 5. Leave the Option line blank. <TAB> to the UACC (Universal Access) field and change NONE to READ for read-only access to the data set. Press <RET>. A message will be displayed that the Profile has been added. The profile just created allows any user read access to the PDS specified. EJECT SPECIFYING AN ACCESS LIST __________________________________________________________________________ | | | RACF - ADD DATA SET PROFILE | | COMMAND ===> | | | | PROFILE NAME: SAS.CNTL | | | | ENTER OR CHANGE DATA SET PROFILE INFORMATION: | | | | OWNER ===> USGJDO USERID OR GROUP NAME | | LEVEL ===> 0 0-99 | | FAILED ACCESSES ===> FAIL FAIL or WARN | | UACC ===> NONE NONE, READ, UPDATE, CONTROL, or ALTER | | AUDIT SUCCESSES ===> NOAUDIT READ, UPDATE, CONTROL, ALTER, or NOAUDIT | | AUDIT FAILURES ===> READ READ, UPDATE, CONTROL, ALTER, or NOAUDIT | | INDICATOR ===> SET SET, NOSET, or ONLY | | NOTIFY ===> Userid | | ERASE WHEN DELETED===> Blank or YES | | | | TO ADD OPTIONAL INFORMATION, ENTER YES: | | | | OTHER VOLUMES ===> NO SECURITY LEVEL/CATEGORIES ===> NO | | INSTALLATION DATA ===> NO | | ACCESS LIST ===> YES | | | | | |AltM Mainmenu:AltH Help:VT100: :LED : SA: : :FULL: - - : | |__________________________________________________________________________| A user may wish to limit access to a particular group or individual(s). RACF allows a list to be specified. To accomplish this, follow steps one through four. Specify NONE at UACC field. 5. <TAB> to ACCESS LIST and enter 'YES' as indicated above. The DATA SET ACCESS LIST ADD panel will be displayed. EJECT __________________________________________________________________________ | | | | | RACF - MAINTAIN DATA SET ACCESS LIST - ADD | | COMMAND ===> | | | | PROFILE NAME: SAS.CNTL | | | |ENTER AUTHORITY TO BE GRANTED: | | ACCESS AUTHORITY ===> READ NONE, READ, UPDATE, CONTROL, or ALTER | | | |ENTER USER/GROUP ID TO BE ADDED: | | ===> USG ===> USGEHB ===> USG01 ===> ===> | | ===> ===> ===> ===> ===> | | ===> ===> ===> ===> ===> | | ===> ===> ===> ===> ===> | | ===> ===> ===> ===> ===> | | | |ENTER INFORMATION FOR PROFILE FROM WHICH ACCESS LIST IS TO BE COPIED: | | PROFILE NAME ===> | | CLASS ===> DATASET | | GENERIC ===> YES if the profile name is generic | | VOLUME SERIAL ===> If a non-cataloged data set profile | | | |TO ADD PROGRAM NAMES, ENTER YES ===> | | | | | |AltM Mainmenu:AltH Help:VT100: :LED : SA: : :FULL: - - : | |__________________________________________________________________________| 6. Leave the Command Line blank. Enter READ at the ACCESS AUTHORITY field. 7. <TAB> to USER/GROUP Section and enter the appropriate information. Press <RET>. A message will indicate that the profile has been added. NOTE: To restrict access to a particular group of student (class) ID's, enter the first five characters as in the example above, ie.; USG01. Different levels of access may be specified for different users or groups of users within the same profile. For example, the user may wish to allow alter access to a fellow professor and read access to a class of students. Each level of the profile must be created separately. To do this, follow the steps above to create a profile. After specifying one level of access and pressing <RET>, select Option 4 from the RACF Option menu. Another menu will be displayed. Select one to add. This will display the DATA SET ACCESS LIST Panel at which time another access level/userid combination may be specified.