Page 1 of 1

How to accept TSO user id

PostPosted: Mon Jan 27, 2014 4:01 pm
by bandigurunath
Hi,
I am new to REXX programining.My query is i need to give edit access to a specific file for specific user id's. I am planning to accept their useid's thru TSO teminal( When ever the user enter with there credentials in TSO at that time only he can edit the file). In REXX how to accept the user id?
Thank you.

Re: How to accept TSO user id

PostPosted: Mon Jan 27, 2014 4:39 pm
by enrico-sorichetti
speak to Your security support group

Re: How to accept TSO user id

PostPosted: Mon Jan 27, 2014 7:50 pm
by dick scherrer
Hello,

You do not do this. The security admins can tell you how to modify access to the dataset(s).

None of this should be in the REXX code.

Re: How to accept TSO user id

PostPosted: Wed Jan 29, 2014 11:36 pm
by Pedro
It is not clear what you mean here:
When ever the user enter with their credentials in TSO at that time only he can edit the file


Perhaps it works differently somewhere else, but my experience is that you cannot logon and use TSO without already providing your password. You have already proved who you are. Why would you need more 'credentials'?

Re: How to accept TSO user id

PostPosted: Wed Jan 29, 2014 11:57 pm
by steve-myers
Pedro: I think bandigurunath is proposing that he validates the userid by obtaining the user's password. bandigurunath: in theory this can be done by an authorized Assembler program, but it is not going to happen in Rexx. Period. Full stop. End of story.

Re: How to accept TSO user id

PostPosted: Thu Jan 30, 2014 7:59 am
by dick scherrer
Hello,

The users will provide their id and pswd to log in.

Permission will have to be granted to allow them to edit. This should be done with your security admins.

Re: How to accept TSO user id

PostPosted: Thu Jan 30, 2014 12:11 pm
by sureshpathi10
I guess, you have list of ID's who has authority to edit that particular dataset. And in you rexx code, you have to get logged user-id and compare with your existing list and proceed with edit dataset..

If I guessed correctly, you need
userid()
built-in-function, which will give current logged in user id.

But as mentioned earlier by others, these edit authority should be in the hand of security admin.

Re: How to accept TSO user id

PostPosted: Thu Jan 30, 2014 10:27 pm
by dick scherrer
Hello,

built-in-function, which will give current logged in user id.
No, this should NOT be done . . .

The permissions need to be enforced in security, NOT the code.

Re: How to accept TSO user id

PostPosted: Thu Jan 30, 2014 10:33 pm
by Pedro
1. the user has already verified the credentials by providing userid and password to log in.
2. the administrator should issue PERMIT commands to grant permission prior to the user needing access.
3. RACF will manage the list of users authorized to edit a data set.
4. When someone tries to edit a data set, at that time the system determines whether he is not allowed to edit or not and if so, "at that time only he can edit the file"

That is the way the system is supposed to work, without any user written code.

If you are the one to manage the list of authorized users, contact the security administrator to make sure you have RACF CONTROL authority over the data set. You need to be able to issue PERMIT and LISTDSD commands.