who has created an userid in the system?



All about SAF, RACF, encryption, Firewall, Risk assessment and integrity concepts

who has created an userid in the system?

Postby parthiban » Fri Sep 17, 2010 9:07 pm

Hi ,

In racf , How to find out who has created an user id in the system.where can we find out RACF db or SMF or syslog ?
Parthiban jayaraman
mainframe rexxer,
Banglore
parthiban
 
Posts: 66
Joined: Mon Oct 20, 2008 7:54 pm
Location: Bangalore-India
Has thanked: 0 time
Been thanked: 0 time

Re: who has created an userid in the system?

Postby Robert Sample » Fri Sep 17, 2010 9:15 pm

AFAIK, RACF does not record who created a user id nor is there anything in SMF about who created the user id.
Robert Sample
Global moderator
 
Posts: 3719
Joined: Sat Dec 19, 2009 8:32 pm
Location: Dubuque, Iowa, USA
Has thanked: 1 time
Been thanked: 279 times

Re: who has created an userid in the system?

Postby dick scherrer » Fri Sep 17, 2010 11:17 pm

Hello,

Unless the system is completely out of control, only a few people have authorization to add users. . .

Simply asking should be an easy to find out.
Hope this helps,
d.sch.
User avatar
dick scherrer
Global moderator
 
Posts: 6268
Joined: Sat Jun 09, 2007 8:58 am
Has thanked: 3 times
Been thanked: 93 times

Re: who has created an userid in the system?

Postby steve-myers » Sun Sep 19, 2010 9:06 am

If the real question is more in the nature of what tasks do I have to do to create a userid? (and your userid has the appropriate permissions)
  • Use the ADDUSER command to create the userid in the RACF data base.[
    8]
steve-myers
Global moderator
 
Posts: 2105
Joined: Thu Jun 03, 2010 6:21 pm
Has thanked: 4 times
Been thanked: 243 times

Re: who has created an userid in the system?

Postby steve-myers » Sun Sep 19, 2010 9:25 am

OK. We'll try this again.

If the real question is more in the nature of "What tasks do I have to do to create a userid?" (and your userid has the appropriate permissions)
  • Use the ADDUSER command to add the user to the RACF database/
  • Use the ADDDSD command to create a userid.* profile in the RACF database.
  • Use the DEFINE ALIAS(NAME(userid) RELATE(user-catalog name)) command to create the user alias in the master catalog to a user catalog.
  • Most sites have additional requirements; you'll have to find out about them on your own. The first three are essentially universal. The last time I did this I think there were 10 things I had to do.
If the real question really is the topic; with RACF it might be recorded in SMF, but I rather doubt that's the answer you want. I know the more recent Top Secret releases store this information in access permissions; I don't know about user definition.
steve-myers
Global moderator
 
Posts: 2105
Joined: Thu Jun 03, 2010 6:21 pm
Has thanked: 4 times
Been thanked: 243 times

Re: who has created an userid in the system?

Postby parthiban » Mon Sep 20, 2010 3:44 pm

Hi ,

My actual question is : I want to find out who has created a userid XXXXA in mainframe System? These information where i can get it in SMF or RACF DB?
Parthiban jayaraman
mainframe rexxer,
Banglore
parthiban
 
Posts: 66
Joined: Mon Oct 20, 2008 7:54 pm
Location: Bangalore-India
Has thanked: 0 time
Been thanked: 0 time

Re: who has created an userid in the system?

Postby Robert Sample » Mon Sep 20, 2010 5:17 pm

Ask your site security group who created the user id. If they do not remember, there is nothing on the system that provides the creator of a user id. RACF does not record this. SMF does not record this. It is simply not available on the system -- only personal memory can help you; if none of the security group remembers setting up the user id then your answer is that no, there is no way to tell who created a user id on the system.
Robert Sample
Global moderator
 
Posts: 3719
Joined: Sat Dec 19, 2009 8:32 pm
Location: Dubuque, Iowa, USA
Has thanked: 1 time
Been thanked: 279 times

Re: who has created an userid in the system?

Postby NicC » Mon Sep 20, 2010 11:55 pm

The security group should keep the requests somewhere.
The problem I have is that people can explain things quickly but I can only comprehend slowly.
Regards
Nic
NicC
Global moderator
 
Posts: 3025
Joined: Sun Jul 04, 2010 12:13 am
Location: Pushing up the daisies (almost)
Has thanked: 4 times
Been thanked: 136 times

Re: who has created an userid in the system?

Postby dick scherrer » Tue Sep 21, 2010 12:19 am

Hello,

Usually adding a new user invloves more than some online transaction. . .

There is the request for the id, and a list of which permissions the new user is to be granted. Usually, this involves management signatures (either on paper or electronically).
Hope this helps,
d.sch.
User avatar
dick scherrer
Global moderator
 
Posts: 6268
Joined: Sat Jun 09, 2007 8:58 am
Has thanked: 3 times
Been thanked: 93 times

Re: who has created an userid in the system?

Postby steve-myers » Tue Sep 21, 2010 6:40 am

dick scherrer is correct. Back in the days when I was a Top Secret DCA, I tried to get requests submitted via E-mail, and I tried to save the request in a security request folder if anything came back to me. Nothing ever did, unless the request did not get copied to the system where it was really required, which happened more often than I liked, but I can't recall higher authority ever challenged what I did do.
steve-myers
Global moderator
 
Posts: 2105
Joined: Thu Jun 03, 2010 6:21 pm
Has thanked: 4 times
Been thanked: 243 times

Next

Return to Mainframe Security

 


  • Related topics
    Replies
    Views
    Last post