Administrative object types and object names

CICS BAC generates administrative resource names when the workstation administration client, the file maintenance utility, or the ISPF administration interface attempts to access a record in a CICS region control file. Accesses that simply read the record require only a UACC of READ for the resource. Examples of this are the LIST command in the file maintenance utility and the download and browse functions of the workstation administration client. Other accesses, such as insert, replace, or delete require a UACC of UPDATE for the resource. Examples of this are the ADD, UPDATE, and DELETE commands of the file maintenance utility and the upload and delete from host functions of the workstation administration client. The name generated for the security check is the name you need to define to RACF in the FACILITY general resource class.

The objectType and objectName fields for accessType ADMIN are derived according to the following table:
objectType objectName
FILE The name of the file object being accessed.
TDQUEUE The name of the transient data queue object being accessed.
TRANSID The name of the transaction object being accessed.
PROGRAM The name of the program object being accessed.
APPGROUP The name of the application group object being accessed.
APPLIST Name of the application list object being accessed.
REGION The literal PROPERTY for access to a CICS region object.

Some examples of the ADMIN access type resource names are as follows: