MainframeSupports
tip week 52/2001:

MainframeSupport wishes you a Merry Christmas and a Happy New Year. I will be back monday 7. january 2002.

MainframeSupport ønsker dig en rigtig glædelig jul og et godt nytår. Jeg er tilbage mandag den 7. januar 2002.

Here is a way to give your colleagues a Christmas present. Most of you have personal datasets, that no one else can access, because that is the default. In my experience this is an undesirable default and it is so easy to do something about it.

The TSO command PERMIT * ACCESS(READ) ID(*) will give everybody access to read your datasets. Before you submit this command, you can use TSO LD DA(*) GEN to see what general access other users have to your datasets. If you only want to give selected user access to your datasets, then you fill in the ID parameter with a userid instead of the asteriks. You can also choose to use a RACF group as a userid. Then all users belonging to the RACF group will get access. The parameter ACCESS can have the values UPDATE, CONTROL and ALTER besides READ. UPDATE and CONTROL gives both read and write access. Only in special circumstances is CONTROL different from UPDATE and those circumstances I have forgotten, so they are not important, I believe. Just use UPDATE. ALTER gives access to everything, which means UPDATE and the right to create and delete your datasets.

Watch out if you use the parameter ID(*). Some installations doesn't approve this use. Ask the RACF administrator, if you feel uncomfortable using this parameter. If you have more than one user it is nice to give them ALTER access to each others datasets. After all it is your datasets. I have also noticed, that some installations use ** instead of * to protect your datasets. Use the LD DA(ONE.OF.YOUR.DATASETS) GEN to find out, what profile covers your datasets. I felt a little foolish, when I made a PERMIT * and nothing happened.

Previous tip in english        Sidste danske tip        Tip list