Granting Authorization to a Command or Utility

Before you grant authority to users to use a command or utility, you need to know what authorizations cacc requires to perform different functions.
vmx32besp
Before you grant authority to users to use a command or utility, you need to know what authorizations
VM:Secure
requires to perform different functions.
Contents
Authorizations and GRANT Records
The table Authorization to Use
VM:Secure
Commands and Utilities
lists the authorizations a user must have to issue each
VM:Secure
command, menu selection, and utility. When you find the command or utility to which you want to grant authority, specify the appropriate authorization on a GRANT record.
Examples:
You want to let CARLAT use the ADMIN command and all of its parameters. Do this by specifying the ADMIN command’s authorization, ADMIN, on a GRANT record in the AUTHORIZ CONFIG file:
GRANT ADMIN TO CARLAT
To let OPERATOR use the ABEND command, use this GRANT record:
GRANT ABEND TO OPERATOR
Granting Authorization to Parts of a Command
You can authorize users so that they can use a command with only selected parameters or options, without giving the users authorization to use all of them.
Examples:
To authorize CARLAT to use only the MANAGERS parameter of the ADMIN command, add the following GRANT record to your AUTHORIZ CONFIG file:
GRANT ADMIN MANAGERS TO CARLAT
You can authorize both CARLAT and WOODYB to use only the MANAGERS parameter of the ADMIN command on a single GRANT record:
GRANT ADMIN MANAGERS TO CARLAT WOODYB
Waiving Password Requirements for Commands
Many 
VM:Secure
 commands require users to enter their logon passwords when they issue the command.
To authorize user IDs to use a command without having to enter their logon passwords, give the user IDs NOPASS authorization. NOPASS authorization and authorization to use the command are given in separate records.
Not all commands require logon passwords by default. For a list of commands that do not require logon passwords, see "Logon Password Prompts" in Command Reference.
Examples:
To authorize WOODYB to use the ASSIGN command without entering his logon password each time he issues the command, add the following two GRANT records to your AUTHORIZ CONFIG file:
GRANT ASSIGN TO WOODYB GRANT NOPASS ASSIGN TO WOODYB
To let WOODYB enter any command without entering his password, use the following GRANT record, after first adding GRANT records for the commands:
GRANT NOPASS TO WOODYB
To authorize WOODYB to use the 
VM:Secure
 GRANT AUTHORITY command for all file spaces without entering his logon password each time, add the following GRANT records to your AUTHORIZ CONFIG file:
GRANT GRANT AUTHORITY *.* TO WOODYB GRANT NOPASS GRANT TO WOODYB
To authorize WOODYB to use the 
VM:Secure
 REVOKE AUTHORITY command for all file spaces without entering his logon password each time, add the following GRANT records to your AUTHORIZ CONFIG file:
GRANT REVOKE AUTHORITY *.* TO WOODYB GRANT NOPASS REVOKE TO WOODYB