Author Topic: z/OS V2.3 and RACF Function Read Only Audit  (Read 1373 times)

LizetteKoehler

  • Jr. Member
  • **
  • Posts: 18
    • View Profile
z/OS V2.3 and RACF Function Read Only Audit
« on: September 18, 2019, 01:32:25 PM »
In case you were not aware, with z/OS V2.3 and above, RACF now provides a function called Read Only Audit (ROAUDIT)

You can set this attribute on a userid and they will be able to do the following (Basically LOOK but don't touch)

A user who has the ROAUDIT attribute has the authority to list auditing information using the

   LISTDSD,
   RLIST,
   LISTUSER,
   LISTGRP,
   SETROPTS LIST,
   SEARCH commands
  as well as the IRRUT100 utility

Unlike users with the AUDITOR attribute, users with the ROAUDIT attribute are unable to specify logging options or to control logging to the SMF data set.


Thought this might be helpful to ADMINs for CMOD.

Lizette