Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Example: Simple NJE user translation using &SUSER z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
Figure 1 shows how user IDs are translated when &SUSER is specified on the ADDMEM operand. This can be useful when jobs are run on a remote system, but the output is printed on the submitter's system. Note: If you want, you could specify &SUSER on
a third system (as in node C in Figure 1).
Figure 1. Example: Simple
NJE user translation using &SUSER
User X is known as user Y on node B. In this example, user X on node A submits a job that runs on node B. The output is returned to user X's home node (node A) to be printed. On node B, the existence of a NODES profile named A.USERJ.X with UACC(UPDATE) and ADDMEM(Y) means that jobs from user X at node A are to be executed under user Y. On node A, the existence of a NODES profile named B.USERS.Y with UACC(UPDATE) and ADDMEM(&SUSER) means that SYSOUT from user Y at node B is to be owned by the user who originally submitted the job, provided the second lookup is successful. The second lookup involves the submitter of the job (X) and the node that he submitted it from (A). Therefore, on node A, the existence of a NODES profile named A.USERS.X with UACC(CONTROL) and ADDMEM(&SUSER) means that the SYSOUT is to be owned by user X. |
Copyright IBM Corporation 1990, 2014
|