Space banner

   

This space provides the same content as before, but the organization of the home page has changed. The content is now organized based on logical branches instead of legacy book titles. We hope that the new structure will help you quickly find the content that you need.

Changing a parameter definition member

You do not need to modify the default security parameters unless one of the following conditions exists:
  • You use an ESM other than RACF, CA-Top Secret, or CA-ACF2.

  • You have both CA-ACF2 and RACF installed at your site, but you want to use RACF. You must tell MainView to use RACF because CA-ACF2 is installed in such a way that it appears to be the preferred ESM.

Before you begin

Your user ID must be authorized to update the BBSECURE security parameter library for each CAS on each system image.

To change a parameter definition member

  1. On the COMMAND line of the SEPDEF view, type EDIT and press Enter to request an edit session.
  2. On the COMMAND line, type CHAnge and press Enter. The Change Global Security Parameters dialog is displayed.
                          Change Global Security Parameters
    COMMAND ===>                                                SCROLL ===> PAGE
    
    ESM Attributes:
     ESM Type         AUTO       Support EntityX YES
     TSS Priv Program STD        Display TSS Msgs ALL
     Support DSType=M YES        Display ACF2 Msgs ALL
    Sybsystem Identification:
     Subsys ID        SSID       Applid SSID
     ReqStor          ASIS       Session Type NONE
    End User Information:
     ESM Userid       ACCEPT     Default Userid NONE
     Programmer Name  ALLOW      GROUP Inherit ALLOW
     Accounting Info  ALLOW
     --Default Value  EXTERNAL
    Diagnostics and Trace:
     Security Traces  OFF        Restart (times) 3
     Window Messages  NONSAFE    in (minutes) 60
    
    END to exit saving changes
    CANCEL to exit without saving changes
    HELP to view related help
    RESET to reset to initial data
  3. To identify a specific ESM to the MainView security interface, specify one of the following values in the ESM Type field:

    Value

    Description

    ACF2

    CA-ACF2 is your primary ESM.

    RACF

    RACF is your primary ESM. It is only necessary to specify RACF if you also have CA-ACF2 installed, but you want to use RACF.

    TSS

    CA-Top Secret is your primary ESM.

    SAF

    A generic SAF interface is in use, such as one that was developed in-house.

    The default value of AUTO tells MainView to determine automatically which ESM is installed and active.

  4. If one of the following conditions exists, specify IGNORE in the GROUP Inherit field:
    • You do not use the RACF List of Groups checking facility (SETROPTS NOGRPLIST is in effect)

    • You do not use the RACF List of Groups checking facility (SETROPTS NOGRPLIST is in effect) but you have non-homogenous GROUP IDENTs CONNECT to the same USER profile on different system images or on system images that do not share a common RACF data base, and you do not want all users' current CONNECT GROUP to be to be inherited from system where the user is using Information Manager

    The GROUP IDENT of a USER is not inherited on the target system.

    Note

    United States Department of Defense B1 security guidelines require that the GROUP Inherit value be ALLOW or UTKNONLY.

  5. Modify other default parameter values as necessary.
  6. When your changes are complete, press the END key. The SEPDEF view is redisplayed.
  7. On the COMMAND line, type SAVE and press Enter to save your parameter changes. The Save a Security Parameter Definition dialog is displayed.

    Note

    At any time before you enter the SAVE command, you can cancel your changes by entering CANcel on the COMMAND line. The default security parameters are reinstated.

  8. (optional) In the Description field, update the existing description or specify a new description of up to 30 characters.
  9. Press the END key to save the parameter definition member. The member is saved in the BBSECURE security parameter library for the local CAS or, in a shared environment, for all CASs. The updated definition is activated the next time that the CAS is initialized or the system is IPLed.
Related topic

Was this page helpful? Yes No Submitting... Thank you

Comments