Previous Topic: Security Tab

Next Topic: MVS Privileges 2 Tab

Screens and TabsTabsEndpoint Account Management TabsCA Top Secret (Plugin Connector)MVS Privileges 1 Tab

MVS Privileges 1 Tab

Use this tab to specify basic MVS account privileges.

The fields in this tab are listed below:

Allow

Bypass Checking

Audit

TSS Modify

Specifies whether to authorize the acid to issue the TSS Modify command. The TSS Modify command is used to temporarily change global system defaults specified by CA-Top Secret control options.

This is the equivalent of entering a TSS ADD(acid) CONSOLE command.

No Automatic DSN Protection

Prevents MVS data sets created by the acid from being automatically secured through the RACF bit setting.

This is the equivalent of entering a TSS ADD(acid) NOADSP command.

DUF Extract

Specifies whether to authorize the acid to issue RACROUTE REQUEST=AUTH(RACHECK) macros or extract installation data (INSTDATA) from a Security Record from the CA-Top Secret Application Interface. DUF is the CA-Top Secret Dynamic Update Facility component.

This is the equivalent of entering a TSS ADD(acid) DUFXTR command.

No Password Change

Prevents an acid from changing its password.

DUF Update

Specifies whether to authorize the user to use the CA-Top Secret Application Interface to update the installation data (INSTDATA) field of a Security Record. DUF is the CA-Top Secret Update Facility component.

This is the equivalent of entering a TSS ADD(acid) DUFUPD command.

Multi Password

Specifies that the acid needs a different password to access each facility.

MRO

Authorizes the acid to store or remove other user and profile Security Records in the Common System Storage (CSA or ESCA) so that information can be accessible to all online regions.

Language Pref

Specifies a one-character language preference code.

No Automatic Terminal Signon

Prevents an acid from signing on via ATS (Automatic Terminal Signon) in the CICS, IMS and CA-IDMS facilities.

This is the equivalent of entering a TSS ADD(acid) NOATS command.

External Device

Specifies a physical security key for an external authentication device.

DSN

Specifies whether or not the acid will authorized to bypass security checking when accessing data sets.

This is the equivalent of entering a TSS ADD (acid) NODSNCHK command.

LCF

Specifies whether to bypass security checking when the acid attempts to access resources that are secured by the Limited Command Facility (LCF).

This is the equivalent of entering a TSS ADD (acid) NOLCFCHK command.

Mdisk

Specifies whether to bypass security checking when the acid attempts to access VM minidisks.

This is the equivalent of entering a TSS ADD (acid) NOVMDCHK command.

Resource

Specifies whether to bypass security checking (including auditing) when the acid attempts to access all owned resources except data sets and volumes.

This is the equivalent of entering a TSS ADD (acid) NORESCHK command.

Job Submit

Specifies whether to bypass security checking when the acid submits a job.

This is the equivalent of entering a TSS ADD(acid) NOSUBCHK command.

Volume

Specifies whether to bypass security checking when the acid attempts to access a secured volume.

This is the equivalent of entering a TSS ADD(acid) NOVOLCHK command.

Suspend

Lets an acid bypass suspension due to violations (VTHRESH).

Log All Activities

Specifies whether logging will be performed for all access attempts made by the acid.

Security Trace

Specifies whether to activate a security trace when the acid logs on.

To assign this parameter to another acid, you must have MISC9(TRACE) administrative authority.

Master Facility

Specifies a facility that will be used to override the default facility (determined by a batch or started task) that is associated with a multi-user facility such as IMS or CICS.

For example, the default CICS facility is CICSPROD. MASTFAC allows you to change that to CICSTEST or any to other defined CICS facility.