Question & Answer
Question
During warning mode, RACF allows all requesters to access the resource, and, if the requester would not otherwise be allowed access, RACF sends a message to the requester.
What would the EXEC CICS QUERY SECURITY command return if a user does not have access to a resource in RACF and RACF is in Warning mode?
Answer
The EXEC CICS QUERY SECURITY command will always return the correct information whether in warning or failure mode. So for example if a userid only has read access to CEMT they would get the following returned from the QUERY SECURITY command for both modes:
REAd( +0000000035 ) = READABLE
Update( +0000000038 ) = NOTUPDATEABLE
Control( +0000000057 ) = NOTCTRLABLE
Alter( +0000000053 ) = NOTALTERABLE
If RACF is in WARNING mode then the user is still able to use CEMT, however if the profile is switched to FAIL then the user would no longer have access to CEMT.
Product Synonym
CICS/TS CICSTS CICS TS CICS Transaction Server
Was this topic helpful?
Document Information
Modified date:
11 May 2017
UID
dwa1373963