Example 1 - Broadening Privileges for General Users

To authorize general users to perform a SELECT PROCESS command and a SELECT STATISTICS command for Processes submitted with any user ID rather than just with the ID of the submitter, perform the following steps:

Procedure

  1. Look in the DGA$MFLG macro for the bits that allow the user to perform these two commands. These bits are located in BYTE06 of DGA$MFLG.
  2. Find the bits that allow these two commands only for the ID of the submitter. These bits are located in BYTE12 of DGA$MFLG.
  3. Locate the label in the DGAXAUTH macro that indicates the General User authorization bit mask (GUSRABM). General user BYTES 06 and 12 are currently set to the following values.
    GUSR6 DC XL1’00’
    GUSR12 DC AL1(GDSPPRC+GDELPRC+GFLSPRC+GDSPSTA+GCHGPRC+GVIEWPR)
  4. To allow general users to perform SELECT PROCESS and SELECT STATISTICS commands for any user ID, remove GDSPPRC and GDSPSTA from BYTE12 and copy the DSPPRC and DSPSTA bits from BYTE06 in the DGA$MFLG authorization bit mask and put them in BYTE06 in the GUSRABM, changing these bytes to the following values:
    GUSR6	DC AL1(DSPPRC+DSPSTA)
    GUSR12 DC AL1(GDELPRC+GFLSPRC+GCHGPRC+GVIEWPR)
  5. Reassemble and link-edit your security module that uses the DGAXAUTH macro.
  6. To put the new exit into effect, stop and restart IBM® Connect:Direct®.