Question & Answer
Question
In TWSz V8R6M0, the TDWC is enhanced to enable users to edit JCL in the TWSz EQQJBLIB (job library) concatenation. What security access must a TDWC user have on the mainframe in order to use this function?
Cause
In all prior versions of TWSz, dialog and gui users could not edit the JBLIB from within TWSz. In V8R6, the possibility is provided for TDWC gui users to edit the MASTER JCL for jobs defined to TWS-z/OS.
How is access to this function controlled?
Answer
In TWSz V8R6 there is a new security FIXED RESOURCE "JL". and subresources JL.DSNAME and JL.MEMBER. The JL FIXED RESOURCE controls the user's access to the JOBLIB EDIT FUNCTION, and subresources JL.DSNAME and JL.MEMBER control user access to individual datasets in the EQQJBLIB concatenation, and to specific MEMBERs in each of those datasets, respectively.
As all I/O to the EQQJBLIB through this function is done by the CONTROLLER started task, at the request of the TDWC, users do not need ANY level of access to datasets in the EQQJBLIB concatenation other than that granted using the JL FIXED RESOURCE and the JL.DSNAME and JLMEMBER subresources.
There is further documentation on this issue in the TWSz V8R6 CUSTOMIZATION AND TUNING GUIDE, Chapter 3 - IMPLEMENTING SECURITY,
Was this topic helpful?
Document Information
Modified date:
13 September 2019
UID
swg21595187