ACF2

 View Only

  • 1.  UID(*) what does it mean for a resource

    Posted May 15, 2023 04:36 PM

    For a Mainframe Resource if I see this as the Universal Access 
    UID(*) LOG what is the actual Access that is allowing is there a way to display the specific access that is being logged ?
    Is there a command that specifically displays the Default access that UID(*) has ?



  • 2.  RE: UID(*) what does it mean for a resource

    Posted May 22, 2023 11:20 AM

    UID(*) LOG

    That means that all users have no access to that given resource, and they will log any attempts to access it.


    Original Message


  • 3.  RE: UID(*) what does it mean for a resource

    Posted May 23, 2023 07:40 AM

    Resource Rule Entries

    Broadcom remove preview
    Resource Rule Entries
    Individual resource rule entries follow the control statements in a rule set. Each rule entry specifies an environment and access permission under which access to a particular resource can take place. When an access attempt is made, matches the environment of the access attempt against the environment specified in the resource rule.
    View this on Broadcom >


    Log means it will allow access but log it. 

    Refer to the above link for more info.



    ------------------------------
    Ernest Gorski
    ------------------------------

    Original Message


  • 4.  RE: UID(*) what does it mean for a resource

    Broadcom Employee
    Posted May 23, 2023 08:25 AM
    Dan, as you mentioned UID(*) log means universal access allowed, but all the access will be logged.

    You can run ACFRPTRV report with DETAIL option pointing to SMF active at the time when access was made and it will print all the log entries showing the actual access. 

    //SYSIN    DD *                                    

    TITLE(ACFRPTRV)

    DETAIL

    /*

     
    UID(*) LOG means all logonids have access to a resource for SERVICE READ, UPDATE, DELETE and ADD.
     
    You can also use the test command to see if the access to this resource would be given or not:
     
    test * 
     
    RSRCNAME('resource,name') LID(logonid) SERVICE(read)    
     
    ACCESS subcommand comes in handy as well to see what access will be allowed to a particular dataset or resource. 
     
    Please let me know if this answers your question or you were looking for some other information?
     
    Thanks.

    Jasdeep 

    Original Message