×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Limited support

   

BMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.

BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI System Administration for IMS 2.9.
System Administration for IMS 2.8 ... Customizing Customizing BMC AMI Change Manager for IMS TM and BMC AMI Change Manager Virtual Terminal for IMS

Limiting access to the products

By default, access to many product functions is unlimited.

To restrict product usage, you must take steps to protect the functions that you want to restrict.

Under most circumstances, you do not have to set security when initially installing the products. Therefore, you may want to defer setting security until you have reviewed the various security methods.

DELTA PLUS and DELTA PLUS VIRTUAL TERMINAL allow you to secure product features through either of the following methods:

  • User access profiles

    If you decide to secure product features through user access profiles, you must first establish administrator authority to create and change user access profiles. After you establish administrator authority for appropriate users, you can use UPF security to create and maintain user access profiles. For more information about establishing administrator authority and using UPF, see Implementing user access profiles and UPF security—DELTA PLUS and DELTA PLUS VIRTUAL TERMINAL customization.

  • A System Authorization Facility (SAF) interface to RACF or an equivalent product

    For more information about securing product features through a SAF interface, see Implementing a SAF interface to RACF (or equivalent) product—DELTA PLUS and DELTA PLUS VIRTUAL TERMINAL customization.

    Note

    If you are going to restrict access to product functions via the SAF security interface, you must define the ACTIVATE resource before SAF will activate. The ACTIVATE resource provides a method to quickly activate and deactivate the interface. Users must have READ access to the ACTIVATE resource to access the product main menu. You should not define the ACTIVATE resource until you define all other resources.

    Warning

    If your site is running ACF2 and you elect not to install the SAF security interface, you must add the following SAFDEF entry to your ACF2 parameters:

             FUNCRET(4) FUNCRSN(0) ID(product) MODE(IGNORE)
         RACROUTE(REQUEST=AUTH CLASS=prd#) RETCODE(4)

    Failure to add this SAFDEF entry may cause you to receive the following error message when attempting to perform any product function:

    BMCprdnnnnnn NOT AUTHORIZED TO USE product

    Adding this SAFDEF entry will ensure that your existing internal product security will be used. If you decide to use the SAF security interface at a later time, you must delete this SAFDEF entry from your ACF2 parameters.

  • TopSecret

    For more information about implementing TopSecret to secure product features, see Implementing TopSecret.

Unless you use one of these methods to control use of product features, access to the products and use of their features is effectively unlimited. The approaches to internal security are mutually exclusive.

The following table lists the internal security modules for DELTA PLUS and DELTA PLUS VIRTUAL TERMINAL. Depending on the type of security that you implement to limit access, link the appropriate module.

If you use

Link

Using DLPCNTL member

TSO userID access list

DLPYUID0

DLP#UIDL

RACF interface

DLPYRCN0

DLP#RSCL

SAF interface

DLPYSAF

DLP#SAF1

This section contains the following topics:

Related topic

Customizing BMC AMI Change Manager for IMS TM and BMC AMI Change Manager Virtual Terminal for IMS




Was this page helpful? Yes No Submitting... Thank you
Last modified by Shubhangi Godbole on May 31, 2023
system_authorization_facility_saf associated_db/dc_functions user_id racf customization

Comments

Log in or register to comment.

Accessing the products from an ISPF options menu
Implementing user access profiles and UPF security—DELTA PLUS and DELTA PLUS VIRTUAL TERMINAL customization
© Copyright 2013 - 2018 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.