My company is primarily a dSeries CAWLA shop, but we do have one small data center running ESP (mSeries). I am an Admin for the CAWLA and have limited knowledge of ESP and have been asked to review how the security is set up for ESP and determine if there are any breaches. Unfortunately, the RACF support team supporting the Data Center doesn't have much knowledge on ESP, so I'm at a loss as to how to extract the security rules governing access to ESP.
I know there should be rules like ESP.APPLX.* or ESP.GROUPX.* set up, but I do not know how to retrieve the rules from the RACF environment.
Any help the Community can provide would be greatly appreciated.
Denise, I've moved this question to the CA Mainframe Workload Automation community, where the ESP team will see it.
Thanks, Lenn, I wasn’t sure where the ESP community was.
You're welcome. That's why I'm here And once we migrate to the new platform, ESP will have its own, standalone community which I hope will make it easier to find!
To List the security profiles in RACF, RL command should be used. Following is from IBM website:
You can issue:
RL class_name *
Note: change class_name to the value on SAFCLASS parm in ESPPARM.
Hope this helps,