Roles and permissions

The following mainframe roles are referenced in various documentation topics. Each description provides a summary of the role and any permissions, privileges, and authorizations that are required to install, configure, run, and maintain the component and product or products.

Related topic

Planning

Role

Description

System programmer

The system programmer installs and maintains the operating system and installs, upgrades, and maintains products that run on the system.

To install the component and applications, you require a user ID that has the following permissions, privileges, and authorizations:

  • Add, edit, and delete external security manager (ESM) user profiles (with the security administrator)
  • Read, write, and execute in z/OS UNIX System Services (USS)
  • Create, edit, and delete z/OS File System (zFS) directories
  • Add the load library to an APF-authorized library

You also require the network connections and permissions for FTP or IND$FILE transfer of the installation file (a binary TSO XMIT file) from your computer to the target z/OS system.

Security administrator

The security administrator works with the system programmer to plan and implement ESM user IDs, initial passwords, and password policies.

For more information, see Creating RACF resources.

Application developer

The application developer configures the component and products after installation.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*