Authorizing an IOCDS write

Writing an IOCDS requires authorization in either of the following ways:
  • The z/OS® system operator allows you by responding to message ICP050D
  • A security product (for example, RACF®) defines you as someone authorized to write an IOCDS.
The following conditions apply when you run IOCP directly to write an IOCDS or when you use the Hardware Configuration Definition. (The HCD runs IOCP to build an IOCDS.)
  • If the CBD.CPC.IOCDS resource of the FACILITY class exists in an installed security product (for example, RACF), IOCP does not send message ICP050D to the z/OS operator. IOCP determines your authorization to write an IOCDS from your authorization to update the CBD.CPC.IOCDS resource. If the security administrator has authorized you to update this resource, IOCP writes the IOCDS. If you are not authorized to update the resource, IOCP does not write the IOCDS.
  • If the CBD.CPC.IOCDS resource of the FACILITY class does not exist in an installed security product, IOCP sends message ICP050D. This message prompts the z/OS system operator to allow you to write the IOCDS.
  • The logical partition running IOCP must have I/O Configuration Control Authority enabled on the Support Element.