We are seeing instances of when CKGRACF commands are used, that the Command Audit trail is not being updated.
In zSecure if I list a User ID, and put a P beside the ID to perform a password change, and I fill in the appropriate fields and press enter I can choose Option 1 for the command to be executed as a RACF command or 2 as a CKGRACF command. If I choose CKGRACF, the command executes successfully, but the command audit trail is not updated. If I choose RACF, the command audit trail is updated.
If I list a User ID and put a CO beside the ID to connect the ID to a group, I am given the same options to process the function as a RACF Command or CKGRACF command. In this case both RACF and CKGRACF commands do update the audit trail.
Did we miss setting up an option that audits all CKGRACF commands in the audit trail?
------------------------------
Linnea Sullivan
------------------------------