IBM Security Z Security

Expand all | Collapse all

Display User's Group Hierarchy

  • 1.  Display User's Group Hierarchy

    Posted 14 days ago
    We are migrating a lot of our batch reporting from TSS to RACF.   On the TSS ACID you can basically see the hierarchy of the user.  The user is owned by a Department, which is owned by a Division, which is owned by a Zone.   For us this basically shows the user's organizational structure.    So they have some reporting in TSS that shows something like:

    USERID          DEPT              DIV            ZONE
    USER123       Branch23     SEAST       RETAIL
    USER456       Branch67     NWEST      RETAIL

    Is there a way in Carla to list all users, but show the current owning group, and the superior groups above it.  Like the 2 superior groups above it?


    Linnea Sullivan

  • 2.  RE: Display User's Group Hierarchy

    Posted 13 days ago
    Hi Linnea,

    Interpreting "owning group" as the value of OWNER, you could do something like this:

    s c=user s=base
    x mask='irr*' /* omit irr* certificate anchors */
    sortlist key(8 "USERID") key:owner("DEPT"),
    key:owner:supgroup("DIV") key:owner:supgroup:supgroup("ZONE")

    (If by "owning group" you meant a more complex relationship, something else will be needed.)

    On a related note, when designing reports by department and such, some of the hints documented with the BUNDLE command in the CARLa Command Reference can be helpful.



    Jeroen Tiggelman
    Software Development and Level 3 Support Manager IBM Security zSecure Suite

  • 3.  RE: Display User's Group Hierarchy

    Posted 8 days ago
    Edited by Rob van Hoboken 6 days ago
    If your user ids are in a specific part of the group tree, you can also experiment with the group tree report in RA.3.8, from an UNLOAD.  Click on "include users/subgroups" for best effect.

    Rob van Hoboken