On the system that is the target of pwxcmd commands, set the first parameter in the SECURITY statement to 2. Then, provide resource profiles on the target system to authorize users to run specific pwxcmd commands.
PowerExchange checks the resource profiles to determine whether the user ID supplied on the pwxcmd program is authorized to run commands.
In the resource profiles, the RACF class is either the default FACILITY class or the value specified in the RACF_CLASS parameter in the DBMOVER configuration file.
To authorize a user to issue pwxcmd commands, grant the user READ access to the appropriate resource profiles. Otherwise, access is denied.
The resource profile that controls access to pwxcmd commands has the following form:
The following table describes the variables in a resource profile for pwxcmd commands:
PowerExchange service type. Options are:
LISTENER. PowerExchange Listener.
CONDENSE. PowerExchange Condense.
The service name specified in the CMDNODE statement in the DBMOVER configuration file.
The pwxcmd command. You can issue the following PowerExchange Condense commands through the pwxcmd program:
You can issue the following PowerExchange Listener commands through the pwxcmd program:
Define generic resource profiles to minimize the number of definitions.
For example, the following profile grants access to all PowerExchange Condense commands issued through the pwxcmd program:
The following profile grants access to all PowerExchange Condense commands issued through the pwxcmd program that specify the MY_COND service name:
To authenticate users to run pwxcmd commands, configure PowerExchange to check user credentials for the pwxcmd program.