Author: steve-myers
Subject: Re: Reply to: RACF profile access
Posted: Tue Sep 27, 2016 8:25 pm (GMT 5.5)
I had access to Vanguard RACF Administrator (the proper name for the "Vanguard" Mr. Robinson mentioned) for a while back in the 1990s during my first stint doing RACF admin work, but I didn't know - then - that VRA had the capability. Believe me, I researched that, too!
I'm not familiar with zSecure - in fact until Mr. Robinson's post I had never heard of it.
As Mr. Robinson says, trying to determine what profiles (as opposed to resources) a user or group can access is not easily determined with straight RACF. One would have to "dump" the RACF data base and analyze it to determine this information; a project that would require considerable analysis and research. Better to buy VRA or zSecure!
HTH
Subject: Re: Reply to: RACF profile access
Posted: Tue Sep 27, 2016 8:25 pm (GMT 5.5)
| David Robinson wrote: |
| Despite the confusion over the terminology (group / profile) the OP's question is still valid - how do you tell what resources the group has access to. This is not easily determined from RACF. Do you have any of the add on tools, such as Vanguard or zSecure, both of which provide this sort of cross referencing? |
I had access to Vanguard RACF Administrator (the proper name for the "Vanguard" Mr. Robinson mentioned) for a while back in the 1990s during my first stint doing RACF admin work, but I didn't know - then - that VRA had the capability. Believe me, I researched that, too!
I'm not familiar with zSecure - in fact until Mr. Robinson's post I had never heard of it.
As Mr. Robinson says, trying to determine what profiles (as opposed to resources) a user or group can access is not easily determined with straight RACF. One would have to "dump" the RACF data base and analyze it to determine this information; a project that would require considerable analysis and research. Better to buy VRA or zSecure!
HTH