Granting and Revoking Access to Files Spaces

Contents
vmx32besp
Contents
Using the
VM:Secure
GRANT AUTHORITY and REVOKE AUTHORITY commands, an authorized user can grant and revoke access to files and directories in one or more SFS file spaces in any file pool controlled by
VM:Secure
. The issuing user does not need to own the file spaces or have SFS administrator authority.
The
VM:Secure
GRANT AUTHORITY and REVOKE AUTHORITY command syntax is identical to the syntax of the CMS GRANT AUTHORITY and REVOKE AUTHORITY commands.
For an explanation of the GRANT AUTHORITY and REVOKE AUTHORITY commands and how to use them, see the section "Command Reference" in the
Reference
.
Preparing to Use GRANT AUTHORITY and REVOKE AUTHORITY Commands
  • Give the
    VM:Secure
    service virtual machine SFS administrator authority on an ADMIN record in the DMSPARMS configuration file of every file pool for which GRANT AUTHORITY and REVOKE AUTHORITY commands will be issued.
  • Give GRANT AUTHORITY and REVOKE AUTHORITY authorization to the users who will be issuing the commands.
    For information about granting authorizations to the GRANT AUTHORITY and REVOKE AUTHORITY commands, see the
    section Authorizations.
  • Enable the
    VM:Secure
    Servant Facility.
  • VM:Secure
    uses a servant to issue the GRANT AUTHORITY and REVOKE AUTHORITY commands. Additionally,
    VM:Secure
    dynamically gives to (and revokes from) the servant the required SFS administrator authorization.
  • If required, verify
    VM:Secure
    has access to the DMSJNE file.
    DMSJNE is an optional customer - written routine that resolves user IDs on other systems to a local user ID when a nickname is specified on a command. If your site uses the DMSJNE routine,
    VM:Secure
    must have access to it because
    VM:Secure
    calls DMSJNE to help resolve nicknames and user IDs on other systems.
    For additional information about DMSJNE and nickname resolution, see the appropriate IBM
    SFS and CRR Planning and Administration
    documentation.