Use the CONSOLE resource class to define profiles that control user access
to a console.
If the CONSOLE class has been activated, you can control whether a user
is allowed to sign on to a console. Console protection is implemented in a
method similar to that for protecting terminals, with the exception of the
following, which were discussed in
Overriding the SETROPTS TERMINAL command:
- The SETROPTS TERMINAL command does not apply to consoles.
- The TERMUACC group attribute does not apply to consoles.
Before activating the CONSOLE class, check the z/OS MVS Planning: Operations manual
for the effects of console protection on MVS consoles.
The profile used in the console class is the console name or number. For
example:
RDEFINE CONSOLE CICSCONS UACC(NONE)
The user must have READ access to the console name to sign-on at a console.
The following example shows how user CICSOPR would be permitted to sign on
to the console named CONCICS1:
RDEFINE CONSOLE CONCICS1 UACC(NONE)
PERMIT CONCICS1 CLASS(CONSOLE) ID(CICSOPR) ACCESS(READ)
Note that, unlike
the case with TERMINAL protection, a sign-on attempt will fail if made at
a console that has not been defined in the activated CONSOLE class. The access
authority to undefined consoles is NONE.