Types of Command Authorization

With the NetView® program, you can use the command authorization table or SAF command authorization to restrict access to commands, certain keywords, and values. For more information about which commands, keywords, and values are eligible for protection, see NetView Commands, Keywords, and Values that Can Be Protected.

A NetView command authorization table enables you to restrict access to commands, keywords, and values. It then allows you to permit operators and groups of operators to access these restricted commands, keywords, and values. You can also specify commands, keywords, and values that pass authorization checking. Refer to the CNMSCAT2 sample for an example command authorization table. For the GDPS® Active/Active Continuous Availability solution, refer to the AQNCAT sample (%INCLUDEd in the CNMSCAT2 sample). The NetView command authorization table is stored as a member of the DSIPARM data set. You can use the REFRESH command to dynamically update your table.

SAF command authorization enables you to use RACF® Version 2 or later, or a comparable SAF product, to restrict access to commands, keywords, and values, and to grant operator access to them. You do this by defining the commands, keywords, and values as resources in the NETCMDS class of the SAF product, and then selectively granting operator access. You can also specify commands, keywords, and values that are accessible universally. Refer to the CNMSAF2 sample for a RACF example. For the GDPS Active/Active Continuous Availability solution, refer to the AQNSAF sample. When you make changes, you can have them take effect by requesting the SAF product to refresh the NETCMDS class definitions. You do not have to issue NetView commands to include the changes.