Skip to main content

Not able to see Resource drop down on ESMAC (using OPENLDAP)

  • February 5, 2014
  • 1 reply
  • 0 views
D

I have configured MLDAP as external security manager but  I am  not able to see Resource drop option when I am logged in as SYSAD user.

I  defined OPERCMDS class to start the regions. 

Now I am trying to configure to see the options under 'Resource' drop down (left hand menu) under ESMAC.

Although I have defined MFESMAC to include:

Entity Description ACL String
JCL   allow:#DSAdmin group:alter
GRP   allow:#DSAdmin group:alter,update

and DATASET class to include

Entity Description ACL String
** Access rules for ** datasets allow:#DSAdmin group:alter

...but I am still not able to see Resource drop option when I am logged in as SYSAD user.


#EnterpriseServer

1 reply

D

I have configured MLDAP as external security manager but  I am  not able to see Resource drop option when I am logged in as SYSAD user.

I  defined OPERCMDS class to start the regions. 

Now I am trying to configure to see the options under 'Resource' drop down (left hand menu) under ESMAC.

Although I have defined MFESMAC to include:

Entity Description ACL String
JCL   allow:#DSAdmin group:alter
GRP   allow:#DSAdmin group:alter,update

and DATASET class to include

Entity Description ACL String
** Access rules for ** datasets allow:#DSAdmin group:alter

...but I am still not able to see Resource drop option when I am logged in as SYSAD user.


#EnterpriseServer

What product and version are you running?

In the sample security configuration provided by Micro Focus, SYSAD is not a member of the #DSAdmin group. It's a member of SYSADM, DEVGROUP, OPERATOR, INTERCOM, and ALLUSER.

The group names that begin with "#" are meant for MFDS / Enterprise Server Administration security only. (They're actually a historical relic of the old MFDS security mechanism.) They shouldn't be used for ESMAC or VSAM security.

So I'd suggest changing those ACLs to "allow:SYSADM group:alter" and seeing if that resolves the issue.

I'm not sure exactly what permissions ESMAC is looking for in this case, so if you still have the problem, you may need to raise a support issue so we can refer this to the appropriate development team.

Recent badge winners

Explore all badges
Terms & ConditionsAccessibility statement