Roles and permissions

The following mainframe roles are referenced throughout the documentation. Each description provides a summary of the role and any permissions, privileges, and authorizations that are required to install, configure, run, and maintain you product.

Related topic

Planning

Role

Description

System programmer

The system programmer installs and maintains the operating system and installs, upgrades, and maintains products that run on the system.

To install the product, your user ID must have the following permissions, privileges, and authorizations:

  • Add, edit, and delete external security manager (ESM) user profiles (with the security administrator)
  • Read, write, and execute in z/OS UNIX System Services (USS)
  • Create, edit, and delete z/OS File System (zFS) directories
  • Add the load library to an APF-authorized library

You also require the network connections and permissions for FTP or IND$FILE transfer of the installation file (a binary TSO XMIT file) from your computer to the target z/OS system.

Security administrator

The security administrator works with the system programmer to plan and implement ESM user IDs, initial passwords, and password policies.

For more information, see Creating ESM resources.

Application developer

The application developer configures the product after installation.

For more information about different kinds of BMC AMI Security Privileged Access Manager users, see Getting-started.

Where to go from here

Examine additional planning content:

For an overview of the installation process, see Installing.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*