Allowing a TSO user to cancel all jobs originating from local nodes

To allow a TSO user to cancel all jobs that originate on nodes you treat as local nodes, do the following:

Define a profile named &RACLNDE in the RACFVARS class, specifying on the ADDMEM operand which nodes are to be treated as local:
```
RDEFINE RACFVARS &RACLNDE UACC(NONE) ADDMEM(POKMVS1 POKMVS2)
```
UACC(NONE) is recommended to protect the &RACLNDE profile itself.
Define a profile in the JESJOBS class as follows:
```
RDEFINE JESJOBS CANCEL.&RACLNDE.*.* UACC(NONE)
```
This example assumes that a SETROPTS GENERIC(classname) was previously issued to turn generics on for this class and that a SETROPTS REFRESH was then done.
Give the appropriate access to the TSO user:
```
PERMIT CANCEL.&RACLNDE.*.* CLASS(JESJOBS) ID(USER1) ACCESS(ALTER)
```
If there are any other JESJOBS resources that begin with CANCEL, you might also need to permit users appropriate access to those.
If you have not already done so, activate the JESJOBS and RACFVARS classes:
```
SETROPTS CLASSACT(JESJOBS RACFVARS)
```
Refresh SETROPTS RACLIST processing for the RACFVARS class for the change to take effect:
```
SETROPTS RACLIST(RACFVARS) REFRESH
```

If, later, you decide that node POKMVS2 should no longer be treated as a local node, do the following:

RALTER   RACFVARS &RACLNDE DELMEM(POKMVS2)
SETROPTS RACLIST(RACFVARS) REFRESH
SETROPTS GENERIC(JESJOBS)  REFRESH

Also, be sure to issue the SETROPTS RACLIST REFRESH or GENERIC REFRESH commands for any classes that contain profiles that use the RACFVARS value affected by your change.

If, later, you decide that USER2 should also be allowed to cancel local jobs, do the following:

PERMIT   CANCEL.&RACLNDE.*.* CLASS(JESJOBS) ID(USER2) ACCESS(ALTER)
SETROPTS GENERIC(JESJOBS) REFRESH