home *** CD-ROM | disk | FTP | other *** search
/ High Voltage Shareware / high1.zip / high1 / DIR21 / DOCPRC13.ZIP / SAMP-DOC.ZIP / SHARE.DOC < prev    next >
Text File  |  1992-11-16  |  16KB  |  234 lines
  1.                                                                                 
  2.                                                                                 
  3.                                                                                 
  4.                                                                                 
  5.                                                                                 
  6.                                                                                 
  7.                                                                                 
  8.                                                                                 
  9.                                                                                 
  10.                       *************************************                     
  11.                       *                                   *                     
  12.                       *    CREATING A RACF PROFILE        *                     
  13.                       *                                   *                     
  14.                       *                                   *                     
  15.                       *************************************                     
  16.                                                                                 
  17.                                                                                 
  18.                                                                                 
  19.                                                                                 
  20.                                                                                 
  21.  
  22.  
  23.  
  24.  
  25.  
  26.  
  27.  
  28.  
  29.  
  30.  
  31.  
  32.  
  33.  
  34.  
  35.  
  36.  
  37.  
  38.  
  39.  
  40.  
  41.  
  42.  
  43.  
  44.  
  45.  
  46.  
  47.  
  48.                                                      John S. Ward
  49.                                                        03/01/93
  50.  
  51. EJECT                                                                           
  52.                         SHARING DATA SETS WITH OTHER USERS - PANEL 3.11
  53.     _________________________________________________________________________
  54.    |                                                                         |
  55.    |                          RACF - SERVICES OPTION MENU                    |
  56.    | OPTION ===> 1                                                           |
  57.    |                                                                         |
  58.    | SELECT ONE OF THE FOLLOWING:                                            |
  59.    |                                                                         |
  60.    |    1  DATA SET           ADD, CHANGE, DELETE, or DISPLAY the profile    |
  61.    |                          for a data set.                                |
  62.    |                                                                         |
  63.    |    T  TUTORIAL           View a general description of RACF.            |
  64.    |                                                                         |
  65.    |_________________________________________________________________________|
  66.  
  67.    The RACF (Resource Access Control Facility) Utility allows "customized"
  68.    security profiles to be created for individual Data Sets (Discrete profile)
  69.    or for groups of Data Sets (Generic profile).  NOTE: allowing access to a
  70.    Data Set allows access to ALL members within that Data Set.  An access list
  71.    may be specified.  The following example creates a Discrete profile allowing
  72.    universal read access.
  73.                                                                                 
  74.    1. To access the RACF Utility Menu enter 3.11 on the Primary Command line.   
  75.    2. Select 1, from the Services Option Menu.                                  
  76.     _________________________________________________________________________   
  77.    |                                                                         |  
  78.    | OPTION ===> 1                                                           |  
  79.    |                                                                         |  
  80.    | SELECT ONE OF THE FOLLOWING:                                            |  
  81.    |                                                                         |  
  82.    |  1  ADD     Add a profile          D  DISPLAY  Display profile contents |  
  83.    |  2  CHANGE  Change a profile       S  SEARCH   Search RACF data set for |  
  84.    |  3  DELETE  Delete a profile                   profiles                 |  
  85.    |  4  ACCESS  Maintain access list                                        |  
  86.    |  5  AUDIT   Monitor access attempts                                     |  
  87.    |                (for auditors only)                                      |  
  88.    |                                                                         |  
  89.    | ENTER DATA SET PROFILE INFORMATION:                                     |  
  90.    |                                                                         |  
  91.    |   PROFILE NAME      ===> SAS.CNTL                                       |  
  92.    |   GENERIC           ===>          YES if the profile name is generic    |  
  93.    |   TYPE              ===>          Blank, MODEL, or TAPE                 |  
  94.    |   VOLUME SERIAL     ===>          If the data set is not cataloged      |  
  95.    |   UNIT              ===>          If option 1 and VOLUME SERIAL entered |  
  96.    |   DATA SET PASSWORD ===>          If the data set is password protected |  
  97.    |                                                                         |  
  98.    |   USE MODEL PROFILE ===>          YES if the profile is to be modeled   |  
  99.    |_________________________________________________________________________|  
  100.                                                                                 
  101.    3. Enter 1, for ADD, on the Option line. <TAB> to PROFILE NAME.              
  102.    4. Enter the Project_name.Type_name.  (The userid nor Member_name are
  103.       required).  Press <RET>.  The ADD DATA SET PROFILE Panel will be
  104.       displayed.
  105. EJECT
  106.     __________________________________________________________________________  
  107.    |                                                                          | 
  108.    |                           RACF - ADD DATA SET PROFILE                    | 
  109.    | COMMAND ===>                                                             | 
  110.    |                                                                          | 
  111.    |    PROFILE NAME: SAS.CNTL                                                | 
  112.    |                                                                          | 
  113.    | ENTER OR CHANGE DATA SET PROFILE INFORMATION:                            | 
  114.    |                                                                          | 
  115.    | OWNER             ===> USGJSW   USERID OR GROUP NAME                     | 
  116.    | LEVEL             ===> 0        0-99                                     | 
  117.    | FAILED ACCESSES   ===> FAIL     FAIL or WARN                             | 
  118.    | UACC              ===> READ     NONE, READ, UPDATE, CONTROL, or ALTER    | 
  119.    | AUDIT SUCCESSES   ===> NOAUDIT  READ, UPDATE, CONTROL, ALTER, or NOAUDIT | 
  120.    | AUDIT FAILURES    ===> READ     READ, UPDATE, CONTROL, ALTER, or NOAUDIT | 
  121.    | INDICATOR         ===> SET      SET, NOSET, or ONLY                      | 
  122.    | NOTIFY            ===>          Userid                                   | 
  123.    | ERASE WHEN DELETED===>          Blank or YES                             | 
  124.    |                                                                          | 
  125.    | TO ADD OPTIONAL INFORMATION, ENTER YES:                                  | 
  126.    |                                                                          | 
  127.    |    OTHER VOLUMES      ===> NO         SECURITY LEVEL/CATEGORIES ===> NO  | 
  128.    |    INSTALLATION DATA  ===> NO                                            | 
  129.    |    ACCESS LIST        ===> NO                                            | 
  130.    |                                                                          | 
  131.    |                                                                          | 
  132.    |AltM Mainmenu:AltH Help:VT100:         :LED    : SA:   : :FULL:   -  -  : | 
  133.    |__________________________________________________________________________| 
  134.                                                                                 
  135.                                                                                 
  136.    5. Leave the Option line blank.  <TAB> to the UACC (Universal Access) field
  137.       and change NONE to READ for read-only access to the data set. Press <RET>.
  138.       A message will be displayed that the Profile has been added.  The profile
  139.       just created allows any user read access to the PDS specified.
  140.                                                                                 
  141.                                                                                 
  142.                                                                                 
  143. EJECT                                                                           
  144.                                                                                 
  145.                            SPECIFYING AN ACCESS LIST                            
  146.                                                                                 
  147.                                                                                 
  148.     __________________________________________________________________________  
  149.    |                                                                          | 
  150.    |                           RACF - ADD DATA SET PROFILE                    | 
  151.    | COMMAND ===>                                                             | 
  152.    |                                                                          | 
  153.    |    PROFILE NAME: SAS.CNTL                                                | 
  154.    |                                                                          | 
  155.    | ENTER OR CHANGE DATA SET PROFILE INFORMATION:                            | 
  156.    |                                                                          | 
  157.    | OWNER             ===> USGJDO   USERID OR GROUP NAME                     | 
  158.    | LEVEL             ===> 0        0-99                                     | 
  159.    | FAILED ACCESSES   ===> FAIL     FAIL or WARN                             | 
  160.    | UACC              ===> NONE     NONE, READ, UPDATE, CONTROL, or ALTER    | 
  161.    | AUDIT SUCCESSES   ===> NOAUDIT  READ, UPDATE, CONTROL, ALTER, or NOAUDIT | 
  162.    | AUDIT FAILURES    ===> READ     READ, UPDATE, CONTROL, ALTER, or NOAUDIT | 
  163.    | INDICATOR         ===> SET      SET, NOSET, or ONLY                      | 
  164.    | NOTIFY            ===>          Userid                                   | 
  165.    | ERASE WHEN DELETED===>          Blank or YES                             | 
  166.    |                                                                          | 
  167.    | TO ADD OPTIONAL INFORMATION, ENTER YES:                                  | 
  168.    |                                                                          | 
  169.    |    OTHER VOLUMES      ===> NO         SECURITY LEVEL/CATEGORIES ===> NO  | 
  170.    |    INSTALLATION DATA  ===> NO                                            | 
  171.    |    ACCESS LIST        ===> YES                                           | 
  172.    |                                                                          | 
  173.    |                                                                          | 
  174.    |AltM Mainmenu:AltH Help:VT100:         :LED    : SA:   : :FULL:   -  -  : | 
  175.    |__________________________________________________________________________| 
  176.                                                                                 
  177.                                                                                 
  178.    A user may wish to limit access to a particular group or individual(s).  RACF
  179.    allows a list to be specified.  To accomplish this, follow steps one through
  180.    four.  Specify NONE at UACC field.
  181.                                                                                 
  182.    5. <TAB> to ACCESS LIST and enter 'YES' as indicated above.  The DATA SET
  183.       ACCESS LIST ADD panel will be displayed.
  184. EJECT                                                                           
  185.                                                                                 
  186.     __________________________________________________________________________  
  187.    |                                                                          | 
  188.    |                                                                          | 
  189.    |                  RACF - MAINTAIN DATA SET ACCESS LIST - ADD              | 
  190.    | COMMAND ===>                                                             | 
  191.    |                                                                          | 
  192.    |   PROFILE NAME: SAS.CNTL                                                 | 
  193.    |                                                                          | 
  194.    |ENTER AUTHORITY TO BE GRANTED:                                            | 
  195.    |   ACCESS AUTHORITY  ===> READ      NONE, READ, UPDATE, CONTROL, or ALTER | 
  196.    |                                                                          | 
  197.    |ENTER USER/GROUP ID TO BE ADDED:                                          | 
  198.    |   ===> USG      ===> USGEHB   ===> USG01    ===>          ===>           | 
  199.    |   ===>          ===>          ===>          ===>          ===>           | 
  200.    |   ===>          ===>          ===>          ===>          ===>           | 
  201.    |   ===>          ===>          ===>          ===>          ===>           | 
  202.    |   ===>          ===>          ===>          ===>          ===>           | 
  203.    |                                                                          | 
  204.    |ENTER INFORMATION FOR PROFILE FROM WHICH ACCESS LIST IS TO BE COPIED:     | 
  205.    |   PROFILE NAME  ===>                                                     | 
  206.    |   CLASS         ===> DATASET                                             | 
  207.    |   GENERIC       ===>               YES if the profile name is generic    | 
  208.    |   VOLUME SERIAL ===>               If a non-cataloged data set profile   | 
  209.    |                                                                          | 
  210.    |TO ADD PROGRAM NAMES, ENTER YES ===>                                      | 
  211.    |                                                                          | 
  212.    |                                                                          | 
  213.    |AltM Mainmenu:AltH Help:VT100:         :LED    : SA:   : :FULL:   -  -  : | 
  214.    |__________________________________________________________________________| 
  215.                                                                                 
  216.    6. Leave the Command Line blank.  Enter READ at the ACCESS AUTHORITY field.
  217.                                                                                 
  218.    7. <TAB> to USER/GROUP Section and enter the appropriate information.  Press
  219.       <RET>.  A message will indicate that the profile has been added.
  220.                                                                                 
  221.    NOTE: To restrict access to a particular group of student (class) ID's,
  222.          enter the first five characters as in the example above, ie.; USG01.
  223.                                                                                 
  224.                                                                                 
  225.     Different levels of access may be specified for different users or groups   
  226.     of users within the same profile.  For example, the user may wish to allow
  227.     alter access to a fellow professor and read access to a class of students.
  228.     Each level of the profile must be created separately.  To do this, follow
  229.     the steps above to create a profile.  After specifying one level of access
  230.     and pressing <RET>, select Option 4 from the RACF Option menu.  Another
  231.     menu will be displayed.  Select one to add.  This will display the DATA SET
  232.     ACCESS LIST Panel at which time another access level/userid combination     
  233.     may be specified.                                                           
  234.