Configure resource profiles for read access to Datacom table and set the access authorities.
The resource profile for controlling read access to Datacom tables has the following form:
DTL.DBREAD.DATACOM.D
database_id.short_table_name
database_id
is a database identifier (ID) that begins with “D” and is followed by five digits. Database IDs must be left-padded with zeroes so that the ID always has five digits. PowerExchange matches the database ID in the resource profile against the database IDs of the actual Datacom databases. Valid values are 00001 through 99999.
short_table_name
is the short table name that is defined in Datacom for a table. PowerExchange matches the specified short table name against Datacom short table names and indirectly against Datacom long table names to determine the tables for which RACF is to restrict Datacom data map creation or READ access to the tables. You do not need to define separate RACF resource profiles for long table names. If you create resource profiles for long table names only, PowerExchange cannot also match on short table names to identify the tables that RACF is to protect.
Users that have READ access to the resource profile can use PowerExchange to read data from the Datacom table or obtain metadata for the table. Otherwise, access is denied. If you do not define a resource profile, PowerExchange does not control read access. For example, if you have a database ID of 23 and short table name of STL, create the following resource profile:
DTL.DBREAD.DATACOM.D00023.STL
You can define generic resource profiles to minimize the number of definitions. For example, the following generic profile in RACF covers all Datacom tables in all databases:
DTL.DBREAD.DATACOM.**
If an unauthorized user attempts a task such as a database row test of a data map in PowerExchange Navigator, PowerExchange issues the following message:
PWX-00243 Userid
user_id
not authorized to access resource
DTL.DBREAD.DATACOM.D
database_id
.
short_table_name
req=R by RACF.
In this message, the req value of “R” represents READ access.
If an unauthorized user attempts a task such as creating a data map, PowerExchange issues the following message:
PWX-02530 The metadata requested was not available, please check your parameters.