Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Using DFSMSrmm with RACF z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
When you exploit the capabilities of DFSMSrmm, DFSMSdfp, and RACF®, you can protect and manage access to data on tape using RACF profiles in the DATASET class, without activating SETROPTS TAPEDSN or the TAPEVOL class. You can also implement a common authorization for all data sets on a tape volume, and authorize users to overwrite tape volumes using RACF erase-on-scratch processing. If you are new to z/OS® or
have implemented DFSMSrmm (or
equivalent) to protect and manage access to data on tape, you need
not activate SETROPTS TAPEDSN nor the TAPEVOL class. You can use the
following SETROPTS options:
If
you have already implemented RACF tape
volume security, DFSMSrmm supports RACF tape volume security with
any combination of RACF TAPEVOL
and TAPEDSN options. To support your migration to the NOTAPEDSN and
NOCLASSACT(TAPEVOL) environment, DFSMSrmm provides the TPRACF(CLEANUP) option
to delete TAPEVOL profiles and discrete tape DATASET profiles during
the recycling of scratch tapes.Beginning with z/OS Version 1 Release 8, DFSMSrmm supports
the TAPEAUTHDSN and TAPEAUTHF1 options specified in DEVSUPxx member
of SYS1.PARMLIB. (See z/OS MVS Initialization and Tuning Reference for
information about using these options to enable tape authorization
checking.)
|
Copyright IBM Corporation 1990, 2014
|