MQ

 View Only
Expand all | Collapse all

ACF2 authorization required for channel ping in z/OS

  • 1.  ACF2 authorization required for channel ping in z/OS

    Posted Mon February 26, 2024 03:22 PM

    We know in RACF - ACCESS(CONTROL)  is required for channel ping - what is the corresponding for ACF2 

    regards

    deb



    ------------------------------
    Debabrata Ghosh
    ------------------------------


  • 2.  RE: ACF2 authorization required for channel ping in z/OS

    Posted Tue February 27, 2024 03:11 AM

    Hi Deb,

    MQ uses the SAF (RACROUTE) interface to make security requests to the security provider configured on the z/OS system. The SAF/RACF terminology documented for MQ needs to be mapped to the equivalent settings for the chosen security provider.

    According to this link https://knowledge.broadcom.com/external/article/11787/resource-access-specifications-in-acf2-v.html the SAF/RACF access level of CONTROL maps to an ACF2 value of DELETE.

    Doug.



    ------------------------------
    Doug Burns
    ------------------------------



  • 3.  RE: ACF2 authorization required for channel ping in z/OS

    Posted Tue February 27, 2024 09:23 AM

    Hi Doug,

        thank you very much.

    regards

    deb



    ------------------------------
    Debabrata Ghosh
    ------------------------------