IBM Security Z Security

 View Only

 CMD VER - post command / appldata

Joseph Sumi's profile image
Joseph Sumi posted Mon June 16, 2025 07:55 PM

Hello - i've tried several things with the APPLDATA and the &PROFILE but I cannot get the ADDSD to work: 

Profile name                  C4R.ADDUSER.=PSTCMD.TSO.ADD    

Application data              ADDSD &PROFILE.* OWNER(&PROFILE) UACC(NONE)

 

Mike Riches's profile image
Mike Riches posted Tue June 17, 2025 02:49 AM

Hello Joe,
When you say you cannot get the ADDSD to work, do you mean that you see an error when it is executed, like this:

IKJ56712I INVALID KEYWORD, .*                                                                                                       
C4R917E Post-command failed, processing terminated                                                                                  

or do you mean something else?

Since the October 2024 SSE, zSecure Command Verifier supports invoking REXX or CLIST via =PSTCMD profiles and there is an example of this here:
https://www.ibm.com/docs/en/szs/3.1.0?topic=replacement-example-5

Perhaps that could be used to generate the required ADDSD command you need.

Guus Bonnes's profile image
Guus Bonnes posted Tue June 17, 2025 09:34 AM

I don't know what kind of messages you see (or don't see), but I would put the dataset profile name (&PROFILE.*) in between quotes. If you're entering the appldata through TSO, ensure that the quotes are doubled.

Joseph Sumi's profile image
Joseph Sumi posted Tue June 17, 2025 10:25 AM

Hello - thanks Mike, that is something i will consider.

Guus -

APPLDATA -   ADDSD ("&PROFILE.*") OWNER(&PROFILE) UACC(NONE)


ICH01024I User JJSETST  is defined as PROTECTED.         
IKJ56702I INVALID DATASET NAME, .*"                      
C4R917E Post-command failed, processing terminated   

Guus Bonnes's profile image
Guus Bonnes posted Tue June 17, 2025 03:55 PM

Aha... two remarks

1) I meant use two consecutive single quotes in stead of the single 'double-quote-character'

2) &PROFILE stands for the list of profiles that could be specified in the original command. And in preparation for the list, a blank is automatically inserted at the end of each possible entry/value. So, the generated command has invalid syntax for the ADDSD command. If you use &PROFILE(1), Command Verifier will only use the first value. 
If you use &PROFILE(1) for both instances in the APPLDATA, there will be another error message. I think there is a minor defect in the CV support for use of the same variable in the command twice. Anyway, in your case that doesn't matter. Simply use (if overtyped in zSecure)
APPLDATA :  ADDSD ('&PROFILE(1).*') OWNER(&PROFILE) UACC(NONE)
or
APPLDATA ('ADDSD (''&PROFILE(1).*'') OWNER(&PROFILE) UACC(NONE)')
when used in a TSO RALTER command.

Mike Riches's profile image
Mike Riches posted Wed June 18, 2025 02:27 AM

Hi Joe and Guus,

From my testing having brackets around &PROFILE(1).** resulted in an error, i.e. when APPLDATA showed as: ADDSD '(&PROFILE(1).**)' OWNER(&PROFILE) UACC(NONE)

I then changed it to remove the brackets:

 ralter XFACILIT C4R.ADDUSER.=PSTCMD.TSO.ADD appldata('ADDSD ''&PROFILE(1).**'' OWNER(&PROFILE) UACC(NONE)')

Note, they are double single quotes, rather than speech mark double quotes around &PROFILE(1).**. The APPLDATA then looked like this: ADDSD '&PROFILE(1).**' OWNER(&PROFILE) UACC(NONE)

and it worked fine.

Mike Riches's profile image
Mike Riches posted Wed June 18, 2025 03:40 AM

Ah, I had the quotes and the brackets nested the wrong way round from how Guus described things!

Related Content