When users are added to the STGADMIN.ARC.ABACKUP.agname profile, they receive RESTRICTED command authority. If users with this RESTRICTED authority issue the ABACKUP command, they must have a minimum of READ access to all RACF-protected data sets in the aggregate group. If they do not have READ or READ/WRITE access to a RACF-protected data set, the ABACKUP command fails for that data set during verification processing. Each data set that fails authorization checking is listed in the aggregate backup activity log.
If a data set is not RACF® protected, it does not fail during verification processing because no RACF authorization checking is performed on it.
RDEFINE FACILITY STGADMIN.ARC.ABACKUP.PAY1
PERMIT STGADMIN.ARC.ABACKUP.PAY1 CLASS(FACILITY) -
ID(OPER) ACCESS(READ)