It's been a few years, but we tried to do this and could never get it to work properly. We finally just disabled the console command completely from within Roscoe - and we eventually got rid of Roscoe as well.
Todd Burrell, PMP, ITIL Expert, CISSPĀ | Project Manager | ITSO AHB | Centers for Disease Control and Prevention (CDC) Contractor - HP Enterprise Services | 1600 Clifton Rd, Building 21, MS D24, RM 1300 | Atlanta, GA 30338 | 404-971-7275 (Blackberry) 404-723-2017 (Mobile) | [email protected] THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is for use only by the intended recipient. If you received this in error, please notify the sender and delete the communication from all computers. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Jousma, David Sent: Tuesday, March 11, 2014 8:59 AM To: [email protected] Subject: CA-Roscoe shops around? All, Wondering if there is anyone on the list that runs CA-Roscoe that might be able to help. We have for years. Looking to see if anyone has, and might be willing to share any exit code for the CONSOLE monitor command(CONEXIT). Already verified that operator commands issued by users from within a Roscoe region are presented to the operating system under the authority of the Roscoe Started task ID, not under the ACEE of the user. CA does provide a very simple exit to allow for authority checks, but is very rudimentary, and uses a hardcoded ID table. What I am looking for is if someone has already written code to do appropriate SAF checks on OPERCMDS. I hate to re-invent the wheel, but will if necessary. _________________________________________________________________ Dave Jousma Assistant Vice President, Mainframe Engineering [email protected] 1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
