Author: Rohit Umarjikar
Posted: Mon Jul 25, 2016 9:42 pm (GMT 5.5)
Also,
SETROPTS
LOGON/JOB INITIATION - NOT AUTHORIZED TO APPLICATION
_________________
Regards,
Rohit Umarjikar
"Some things Man was never meant to know. For everything else, there's Google"
Posted: Mon Jul 25, 2016 9:42 pm (GMT 5.5)
Also,
| Code: |
| Attention: Any CICS user, whether signed on or not, is able to submit jobs that use the SURROGAT userid, if the CICS userid has authority for SURROGAT. If your installation is using transient data queues to submit jobs, you can control who is allowed to write to the transient data queue that goes to the internal reader. However, if your installation is using EXEC CICS SPOOLOPEN to submit jobs, you cannot control who can submit jobs (without writing an API global user exit program to screen the commands). CICS spool commands do no CICS resource or command checking. You can use an EXEC CICS ASSIGN USERID command to find the userid of the user who triggered the application code. Application programmers can then provide code that edits a USER operand onto the JOB card destined for the internal reader.For a complete description of surrogate job submission support, see the z/OS Security Server RACF Security Administrator's Guide |
SETROPTS
LOGON/JOB INITIATION - NOT AUTHORIZED TO APPLICATION
_________________
Regards,
Rohit Umarjikar
"Some things Man was never meant to know. For everything else, there's Google"