ESP Workload Automation

 View Only
  • 1.  ESP RACF Security Rules

    Posted May 09, 2019 04:56 PM

    Hi,

    My company is primarily a dSeries CAWLA shop, but we do have one small data center running ESP (mSeries). I am an Admin for the CAWLA and have limited knowledge of ESP and have been asked to review how the security is set up for ESP and determine if there are any breaches. Unfortunately, the RACF support team supporting the Data Center doesn't have much knowledge on ESP, so I'm at a loss as to how to extract the security rules governing access to ESP.

     

    I know there should be rules like ESP.APPLX.* or ESP.GROUPX.* set up, but I do not know how to retrieve the rules from the RACF environment.

     

    Any help the Community can provide would be greatly appreciated.

     

    Thanks,

    Denise Cronin



  • 2.  Re: ESP RACF Security Rules

    Community Manager
    Posted May 09, 2019 05:00 PM

    Denise, I've moved this question to the CA Mainframe Workload Automation community, where the ESP team will see it. 



  • 3.  Re: ESP RACF Security Rules

    Posted May 09, 2019 05:26 PM
      |   view attached

    Thanks, Lenn, I wasn’t sure where the ESP community was.

     

    Denise



  • 4.  Re: ESP RACF Security Rules

    Community Manager
    Posted May 10, 2019 09:48 AM

    You're welcome. That's why I'm here

    And once we migrate to the new platform, ESP will have its own, standalone community which I hope will make it easier to find!



  • 5.  Re: ESP RACF Security Rules
    Best Answer

    Broadcom Employee
    Posted May 09, 2019 05:21 PM

    Hi Denise,

     

    To List the security profiles in RACF, RL command should be used. Following is from IBM website: 

    https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.3.0/com.ibm.zos.v2r3.icha400/rlist.htm 

     

    You can issue:

    RL class_name *

     

    Note: change class_name to the value on SAFCLASS parm in ESPPARM.

     

    Hope this helps,

     

    Lucy