Writing an IOCDS requires authorization in either of the following
ways:
- The z/OS® system operator
allows you by responding to message ICP050D
- A security product (for example, RACF®)
defines you as someone authorized to write an IOCDS.
The following conditions apply when you run IOCP directly to write
an IOCDS or when you use the Hardware Configuration Definition. (The
HCD runs IOCP to build an IOCDS.)
- If the CBD.CPC.IOCDS resource of the FACILITY class exists in
an installed security product (for example, RACF), IOCP does not send message ICP050D to
the z/OS operator. IOCP determines
your authorization to write an IOCDS from your authorization to update
the CBD.CPC.IOCDS resource. If the security administrator has authorized
you to update this resource, IOCP writes the IOCDS. If you are not
authorized to update the resource, IOCP does not write the IOCDS.
- If the CBD.CPC.IOCDS resource of the FACILITY class does not exist
in an installed security product, IOCP sends message ICP050D. This
message prompts the z/OS system
operator to allow you to write the IOCDS.
- The logical partition running IOCP must have I/O Configuration
Control Authority enabled on the Support Element.