JCW2
asked on
Permissions in Z/OS 2
This question is a continuation of http://www.experts-exchang e.com/OS/M ainFrame_O S/Q_265290 25.html. How do I use the panels in Z/OS to set a RACF profile, or how do I do it from the command shell?
ASKER
I need to set permissions for a specific person to access a specific file.
If you have a specific password then you can issue the command:
PERMIT 'DATA.SET.NAME' ID(userid) ACCESS(READ)
where DATA.SET.NAME is the full file name, userid is the userid of who you want to give access to and "READ" is what you want to allow them to do.
If you want to give them write access, then replace READ with WRITE.
PERMIT 'DATA.SET.NAME' ID(userid) ACCESS(READ)
where DATA.SET.NAME is the full file name, userid is the userid of who you want to give access to and "READ" is what you want to allow them to do.
If you want to give them write access, then replace READ with WRITE.
Ops not WRITE, but UPDATE if you want them to be able to write to the file.
ASKER
I got:
ICH06004I IBM0428.RACF.READ NOT DEFINED TO RACF
ICH06004I IBM0428.RACF.READ NOT DEFINED TO RACF
Is IBM0428.RACF.READ the name of the file you want to allow somebody else to read?
You may want to see how this dataset might be protected.
Try issuing the following command:
listdsd dataset('IBM0438.*')
and post the response.
Try issuing the following command:
listdsd dataset('IBM0438.*')
and post the response.
ASKER
Response: ICH35003I NO RACF DESCRIPTION FOUND FOR IBM0438.*
Yes, IBM0428.RACF.READ is the dataset I'm working with. the user id being worked with is ZUSERID.
Yes, IBM0428.RACF.READ is the dataset I'm working with. the user id being worked with is ZUSERID.
O.K, that means there is no RACF profile for IBM0438 yet.
Try:
ADDDS IBM0428.* UACC(????) GENERIC
Where ????? is what you want the default access to all files that start with the HLQ of IBM0428. Then try the permit command.
The ADDDS adds a generic data set profile.
Try:
ADDDS IBM0428.* UACC(????) GENERIC
Where ????? is what you want the default access to all files that start with the HLQ of IBM0428. Then try the permit command.
The ADDDS adds a generic data set profile.
ASKER
I don't have "ADDDS;" I recieved
"IKJ56500I COMMAND ADDDS NOT FOUND"
"IKJ56500I COMMAND ADDDS NOT FOUND"
Ops, should be ADDSD
ASKER
I used that, and used permit, and the permit command didn't work.
I used: PERMIT 'ibm0428.racf.read' ID(ZUSERID) ACCESS(read).
I used: PERMIT 'ibm0428.racf.read' ID(ZUSERID) ACCESS(read).
Did you do it AFTER you did the ADDSD?
ASKER
Yes. I just made sure, and tried to get the input in in a correct way.
Did the ADDSD command work?
ASKER
Yes.
Does the data set ibm0428.racf.read actually exist?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for your help.
Exactly what do you want to do? In the other question you wanted to allow either everybody or a specific person access to a specific file.