HCL Workload Automation, Version 9.4

Security

Security is enforced in several areas, usually, RACF, Top Secret, and ACF2. The EEWSERVE job must have the ability to submit jobs that run under the user IDs that are supplied in the JCL to be submitted. The JCL must not contain passwords. This can be authorized by using SURROGAT class resources in RACF, and the equivalents in ACF2 and Top Secret. PROPCNTL class resources in RACF can be used to prevent submitted jobs from running under the EEWSERVE user ID. ACF2 and Top Secret equivalents can also be used. Resource class JESJOBS in RACF, and ACF2 or Top Secret equivalents, can be used to control which job names and user IDs (with or without passwords) can be submitted by EEWSERVE.