Restricting change of history file settings

By default, all users with UPDATE access to a history file can change the history file prefix or the minimum or maximum number of fault entries.

Either of the following methods can be used:

The action-bar option File > Change Fault History File Settings in the Fault Analyzer ISPF interface. For details, see Change fault history file settings.
The SetFaultPrefix, SetMaxFaultEntries, and SetMinFaultEntries batch utility functions. For details, see IDIUTIL control statements.

To restrict the change of settings for a given history file using either of the above methods, the security administrator can define an IDI_ADMIN XFACILIT profile for the history file, to which access can be granted as appropriate.

Figure 1. Syntax

where history-file-dsn is the fully qualified data set name of the history file.

To change history file settings after the IDI_ADMIN XFACILIT profile is defined, a user must have both of the following access permissions:

UPDATE (or greater) access to the IDI_ADMIN XFACILIT profile
UPDATE (or greater) access to the history file, through either normal security server data set profiles, or through XFACILIT (for details, see Managing history file fault entry access).

The following sample RACF® commands define an IDI_ADMIN XFACILIT profile for history file MY.HIST and grant Fault Analyzer administrator authorization to change settings for users who are members of group PAYROLL:

RDEFINE XFACILIT IDI_ADMIN.MY.HIST UACC(NONE)
PERMIT IDI_ADMIN.MY.HIST CLASS(XFACILIT) ID(PAYROLL) ACCESS(UPDATE)