Florian Luetscher wrote: >I would like to give a group of users access to browse and only browse a VSAM >dataset using DITTO.
As Binyamin Dissen said, just give Read access. >The DITTO/ESA Inst. and Cust. Guide references a RACF profile >DITTO.VSAM.UPDATE. But that's exactly what I dont want to give them. Maybe >access to PROGRAM(DITTO) is enough. You can use PROGRAM(DITTO) which is useful for limiting usage of DITTO itself for example, but not for above scenario for VSAM datasets. >Any idea how to proper set up RACF in this case? Try giving access to DITTO.VSAM.UPDATE in FACILITY Class to certain persons/groups and create DITTO.** and give it UACC = Read. (See Binyamin's note above.) Or just use this for example: DITTO.FUNCTION.VB <-- Browsing VSAM datasets. Give UACC=READ. DITTO.FUNCTION.VE <-- Editing VSAM datasets. Give specific access as needed. DITTO.** <-- To close all remaining DITTO holes. Remember to protect your VSAM datasets properly too. This is more important. Protect the resources, not the tools only. That should get you a go. Groete / Greetings Elardus Engelbrecht ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
