Hi
I ran daily report to find the commands issued by RACF admin
N TYPE=SMF NOPAGE
DEF TYPE=SMF COMTYPE(CHAR,12) AS WORD(LOGSTR,4,' ')
S (APPL=CNGRACF OR LOGSTR=:CNGRACF OR APPL=CKGRACF OR LOGSTR=:CKGRACF),
date=today type=(80,81,83)
X (LOGSTR=:"CKGRACF CMD" OR LOGSTR=:"CKGRACF SHOW" OR
LOGSTR=:"CKGRACF LIST")
sortlist date(7) time(5) user("Admin_ID") USER:NAME("ADMIN_NAME",20),
racfcmd_user(8,"User") racfcmd_user:NAME("USER_NAME",20),
COMTYPE('COMTYPE',12) appl,
LOGSTR('COMMAND',hor,wrap,0)
i can see from report we i use zsecure visual client options 1- SET Password or RESUME for users the report shows as the command issued 2 times
the below report come from only one run of set password option in GUI
CKGRACF USER xyz PWSET PASSWORD(********) EXPIRED REQUEST
CKGRACF USER xyz RESUME REQUEST
CKGRACF USER xyz PWSET PASSWORD(********) EXPIRED REQUEST
CKGRACF USER xyz RESUME REQUEST
same happen if you use from TSO EV.2
CKGRACF zSecure Admin CKGRACF commands report
would you please adivse about this and why this happen?
Thanks
Mohammed Ibrahem
------------------------------
Mohammed Ibrahem
------------------------------