List of Contributions

Linnea Sullivan

Contact Details

My Content

1 to 20 of 50+ total
Posted By Linnea Sullivan Thu March 28, 2024 08:48 AM
Found In Egroup: IBM Security Z Security
\ view thread
Is there a field or function that we can acquire the current system date and time via Carla. We want to compare the system date/time with a value that is located in an input file and make a determination on time lapsed. ------------------------------ Linnea Sullivan ---------------------------- ...
Posted By Linnea Sullivan Fri February 09, 2024 08:33 AM
Found In Egroup: IBM Security Z Security
\ view thread
When running the Unused Profile Cleanup utility in batch I noticed a concern on the field PERM#. define Perm#(8," Pe/UACC",dec,noprop) count Let's say you have an environment of 3 LPARs/PLEXes and each has its own RACF DB that is kept in sync with RRSF. If you want to determine profile usage you ...
Posted By Linnea Sullivan Wed January 03, 2024 02:01 PM
Found In Egroup: IBM Security Z Security
\ view thread
I opened case TS015098231 with IBM, and they suggested I ask the question here. I cannot seem to locate much documentation or training on producing XML formatted reports within zSecure. Some of what I have learned so far is from trial/error and a few pages from a 3rd party training group. I am training ...
Posted By Linnea Sullivan Thu November 30, 2023 11:05 AM
Found In Egroup: IBM Security Z Security
\ view thread
Reviewing some of my parm members we have been using the last 2 years to ensure they are set up correctly because we are about to configure a new environment to gather Access Monitor Data. From reading the documentation C2PAMJOB supposedly used to specify a User ID or User ID prefix in which you ...
Posted By Linnea Sullivan Wed October 25, 2023 12:56 PM
Found In Egroup: IBM Security Z Security
\ view thread
Is there a field/varriable that represents if the group is on a dataset/general profile access list? Or a counter on the number of times its on an access list? We want to see if there are groups we potentially want to cleanup because they might not serve a purpose. ------------------------------ ...
Posted By Linnea Sullivan Tue August 08, 2023 12:45 PM
Found In Egroup: IBM Security Z Security
\ view thread
The AM.3 screens in ISPF shows based on the AM data when the last time a permission was used. Looking at the data dictionary it seems the RESOURCE name is a field for that record type. We are running some of the TRUSTED reports and noticed some of the TRUSTED datasets are using for example the "SYS1.**" ...
Posted By Linnea Sullivan Fri June 02, 2023 10:12 AM
Found In Egroup: IBM Security Z Security
\ view thread
Thanks, that worked. Are there any issues of using the same field name on a UserID, Group, and a Resource Profile? I mentioned we are getting heavier in using CSDATA. Is there any documentation or sample library of carla that shows examples of using CSDATA? The ISPF panels don't ...
Posted By Linnea Sullivan Thu June 01, 2023 05:13 PM
Found In Egroup: IBM Security Z Security
\ view thread
I have several questions on CSDATA reporting. We are trying to look up the access of 2 dataset profiles and RESOLVING the group access to the User IDs. We want to include the CSDATA field $FIELD1 from the UserID record. But for some reason what we are seeing with the look up does not match what ...
Posted By Linnea Sullivan Tue May 23, 2023 02:16 PM
Found In Egroup: IBM Security Z Security
\ view thread
Trying to create an inactivity report based on data in the CSDATA segment. I know that I need to do 2 NEWLISTs to make this happen. My 1st NEWLIST sets the segment to CSDATA and selects all User IDs with the CSDATA field of $FIELD1. The 2nd new list sets the segment to BASE and selects the users based ...
Posted By Linnea Sullivan Mon May 08, 2023 03:36 PM
Found In Egroup: IBM Security Z Security
\ view thread
I opened a case TS012958771 and they could not find a resolution. Suggest I ask the question here. Using NEWLIST TYPE RACF_ACCESS trying to the SUMMARY Command to print a date in the following format DDMMMYYYY. This works when the days are 2 digits, but not on days that are a single digit. I saw in ...
Posted By Linnea Sullivan Mon May 01, 2023 02:57 PM
Found In Egroup: IBM Security Z Security
\ view thread
Rob, we are continuing to play with the merge function, but we are seeing some strange results. Majority of the changes the merge suggests is right on target just these 2 instances are strange: #1. In the STARTED Class SITEA has several profiles create with no access list. SITEB does not have these ...
Posted By Linnea Sullivan Tue April 18, 2023 01:20 PM
Found In Egroup: IBM Security Z Security
\ view thread
Rob, we been trying out everyone's suggestions, but so far we think your suggestion fits the best. But we did notice something and did not know if it was intentional or an oversight. If we compare the base to the target, we see the target contains USERIDs that do not exist on the base. We think the IDs ...
Posted By Linnea Sullivan Mon April 17, 2023 01:21 PM
Found In Egroup: IBM Security Z Security
\ view thread
I am attempting to clean up my RACF DB of permissions that have not been used in a year. I started with AM.3 (PERMIT) and I can run a report of permissions that have been used before but have no activity in a year. But I also see permissions that have never been used that need to be cleaned up as well. ...
Posted By Linnea Sullivan Fri March 31, 2023 10:13 AM
Found In Egroup: IBM Security Z Security
\ view thread
Thanks for the information. Followup on #2. I understand when a userid is listed in field, but I am literally seeing "USERID(->)" There is no user ID on either side of the ->. In Rob's earlier response it pointed me to the sample library where I found C2RJMSYN. It seems to be capable of analyzing ...
Posted By Linnea Sullivan Thu March 30, 2023 12:34 PM
Found In Egroup: IBM Security Z Security
\ view thread
Tom, so my team looked at those 2 videos, and have ran some tests, and we have a few questions: We are rolling out zOS 2.5. PHRINT(Phrase Interval) is new with 2.5. When I compare against a 2.4 system every User ID is an exception. Anyway to exclude a field from the comparision? When comparing ...
Posted By Linnea Sullivan Wed March 22, 2023 09:37 AM
Found In Egroup: IBM Security Z Security
\ view thread
Does zSecure have a utility that would compare one RACF DB to another RACF DB? Or compare 2 zSecure unloads? Our multiple systems are connected via RRSF, so in theory the databases should be in sync. However, I do some cases where that is not the case. I would like to produce a report of what ...
Posted By Linnea Sullivan Fri February 24, 2023 12:59 PM
Found In Egroup: IBM Security Z Security
\ view thread
Two questions: I have some administration activity happening where when new User IDs are being created the NAME field is being set to the User ID itself, or the name field contains the User ID. I have tried to code various SELECT statements to select when the NAME equals the User ID or the NAME ...
Posted By Linnea Sullivan Tue December 13, 2022 08:42 AM
Found In Egroup: IBM Security Z Security
\ view thread
When I look in zSecure IN.D to see the data dictionary for type SMF, I see 2 fields that would show me the target of the RACF command called RACFCMD_USER and RACFCMD_GROUP. When I look in the data dictionary for type CKXLOG I do not see similar fields for command logger. I would rather pull this information ...
Posted By Linnea Sullivan Wed October 26, 2022 09:07 AM
Found In Egroup: IBM Security Z Security
\ view thread
We are wanting to enhance our implementation of PROPCNTL. Does Access Monitor record any activity concerning PROPCNTL? I am looking to see if it can show me potential instances I should create PROPCNTL profiles. From what I can tell it seems the data may not be present. ------------------------------ ...
Posted By Linnea Sullivan Wed October 19, 2022 11:22 AM
Found In Egroup: IBM Security Z Security
\ view thread
Simon, that worked great. Still looking to see if there is a way to "require" the administrator to provide a reason, similar to the controls around ckxlogid. ------------------------------ Linnea Sullivan ------------------------------