Currently we run the TYPE=TRUSTED CLASS=DATASET with "userid_privilege=permitUsr", "userid_privilege=permitGrp" Or "userid_privilege=Uacc".  Now we want to run a similar report but this time looking for "*" in the access list.   I tried to run "userid_privilege=*", and not finding much in the manual to help.  Is it possible to run the Trusted report for users gaining access thru ID(*)?

 NEWLIST type=trusted 

   select class=dataset userid_privilege=*

   summary complex(8) | ";" |,

           resource(44) | ";" |,

           racf_profile(44) | ";" |,

           racf_profile:uacc(7) | ";" |,

           "*"(8) | ";" |,

           "-"(8) | ";" |,

           access | ";" |,

           risk | ";" |,

           senstype | ";" |,

           auditpriority | ";" |,

           concern(firstonly,138) | ";" |,

           VOLSER(6)

Thanks,

Brent Brimacomb

Wells Fargo Bank

Hi Brent,

If want to report the trusted access to sensitive datasets permitted to ID(*), then you need to replace userid_privilege=* with userid='*' in your select statement. This will produce a report of trusted data set that are accessible through ID(*). Note that I have used quotation marks around * to enforce a character search for * rather than treating the * as a wildcard.

Hope this helps. 

------------------------------
Tom Zeehandelaar
z/OS Security Enablement Specialist - zSecure developer
IBM
------------------------------