Using the XFACILIT resource class for history file fault entries

If the required access to a history file fault entry is not already available via normal data set profiles, you can use the XFACILIT resource class to provide the access through Fault Analyzer.

To use the XFACILIT process for a history file, restrict the access available to the user via normal data set profiles, and then enable the access via the Fault Analyzer checked XFACILIT profiles. It is not possible to restrict Fault Analyzer access using the XFACILIT resource class beyond what the normal data set profiles allow, which is why the normal history file access should be set to UACC(NONE) for this setup.

The design is to provide permission via XFACILIT, not restriction. For example, if a user cannot even browse a history file using ISPF 3.4, they could still be permitted to use the history file fault entries via Fault Analyzer with the XFACILIT profiles.

There are two XFACILIT class profile names used by Fault Analyzer:

IDIHIST_GROUP_DSN.group.hist-dsn
IDIHIST_USERID_DSN.userid.hist-dsn

where:

group and userid: are the security server default GROUP and USER ID that are associated with the current user (in case of creating a new fault entry), or the security server GROUP and USER ID that are associated with a fault entry (in the case of viewing, updating, or deleting an existing fault entry).
The security server GROUP and USER ID that are associated with a fault entry are those that were current for the user who initially created the fault entry.
hist-dsn: The name of the history file in which the fault entry resides.

Examples of XFACILIT class profile names could be:

IDIHIST_GROUP_DSN.PAYROLL.IDI.HIST
IDIHIST_USERID_DSN.USER01.SYSA.PROD.HIST

If access is not available by normal data set profiles, then Fault Analyzer checks for access to a given history file fault entry using both of the above XFACILIT class profile names, that is, using group as well as user ID. If either is found to provide the access required, then the history file action is performed.

The XFACILIT class profile access levels used by Fault Analyzer translate to Fault Analyzer actions as follows:

Table 1. XFACILIT profile access levels required for Fault Analyzer actions
Action	Example	XFACILIT access level
Read	Viewing the saved report or performing reanalysis.	READ
Write or create	Updating user notes in an existing fault entry, or creating a new fault entry in a history file.	UPDATE or CONTROL
Delete	Explicit deletions using the D or DD line command only.	ALTER