Tom Conley wrote: >I've had a very hard time enabling the new commands in SDSF.
Indeed. Catch-all profiles in WARNING in a sandbox help a lot. >Issue the TRACE ON;TRACE 80 command, then your failing APF command, then TRACE >OFF. Do a DA OJOB, and a ? in front of the user's TSO session, and look at >the ISFTRACE DD. The RACF profiles are listed in there and you should see the >profile you're failing on. Or you can use the pulldown menu in OPTIONS. Select "22 Set security trace..." After selecting you see a new menu. Where default is 3, check nr 2, 'Issue write-to-programmer messages'. For APF screen, I get this: ISF050I USER=? GROUP=ISFSPROG PROC=? TERMINAL=? ISF051I SAF Access allowed SAFRC=0 ACCESS=READ CLASS=SDSF RESOURCE=ISFCMD.ODSP. APF.???? ISF059I SAF Access allowed SAFRC=(0,0,0) ACCESS=READ CLASS=SDSF RESOURCE=ISFCMD .FILTER.SYSNAME *** There are two notes - Check the GROUP which is defined in ISFPRMxx PARMLIB menber. Check all the CLASS profiles used too. It also depends on your Filter, Prefix, Owner, Sysname, etc. what you can eventually see or not see. Groete / Greetings Elardus Engelbrecht ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
