Understanding message and diagnostic options
Valid MainView diagnostic or message modes are described in following table.
Global Extended Diagnostic Mode
Global Extended Diagnostic Mode extends Extended Diagnostic Mode (XDM) monitoring to the entire MainView subsystem, which includes the CAS and all connected product and user address spaces.
GXDM mode is set by the XDM=Y parameter of the CAS started task procedure.
Extended Diagnostic Mode initiates additional internal diagnostic and validation procedures. It is not recommended for normal MainView operation. In addition, Extended Diagnostic Mode causes all Extended Message Mode messages to be issued in the same manner as the GXDM option.
Local Extended Diagnostic Mode
Local Extended Diagnostic Mode sets monitoring conditions for the current CAS, PAS, or UAS. Local Extended Diagnostic Mode issues all Extended Message Mode messages similar to the LEMM option.
Local Extended Diagnostic Mode initiates additional internal diagnostic and validation activity. It is not recommended for normal MainView operation.
Global Extended Message Mode
Global Extended Message Mode sets monitoring conditions for diagnostic messages issued by the CAS and any connected address space, such as a PAS or a UAS.
Global Extended Message Mode issues standard diagnostic messages similar to the GXDM option.
Local Extended Message Mode
Local Extended Message Mode sets monitoring conditions for diagnostic messages issued by the current address space.
Standard security diagnostic messages that are controlled by LSEMM mode are a subset of LEMM messages. Therefore, LSEMM messages are issued when LEMM mode is active, regardless of LSEMM status.
Likewise, when LEMM mode is active, you cannot disable standard security messages by disabling the LSEMM option.
Local Security Extended Message Mode
Local Security Extended Message Mode sets monitoring conditions for standard security diagnostic messages that are issued by the current address space.
The messages that are controlled by LSEMM mode are a subset of the messages managed by LEMM mode. LSEMM mode can manage the set of security-oriented messages independently of LEMM mode. However, if LEMM mode is active, you cannot prevent security diagnostic messages from being issued by inactivating LSEMM mode.
Local Extended Security Trace
Local Extended Security Trace mode manages extended diagnostic security trace messages that are produced by the current address space.
These messages are in addition to LSEMM messages and provide more information than the standard security trace messages.
Local Simple Security Trace messages (LSSTR) are a subset of the security trace messages that are managed by LESTR mode.
Global Extended Security Trace
Global Extended Security Trace mode manages extended diagnostic security trace messages that are produced by the CAS and all connected address spaces.
These messages are in addition to the LSEMM option messages and provide more information than standard security trace messages.
The messages that are managed by GSSTR mode are a subset of GESTR messages. When GESTR mode is active, GSSTR messages are displayed regardless of the state of the GSSTR option.
Local Simple Security Trace
Local Simple Security Trace mode manages simple diagnostic security trace messages that are issued by the current address space.
LSSTR messages are a subset of the messages that are managed by the LESTR option. When LESTR mode is active, LSSTR messages are displayed regardless of the state of the LSSTR option.
Global Simple Security Trace
Global Simple Security Trace mode manages simple diagnostic security trace messages that are issued by the CAS and all connected address spaces.
GSSTR mode allows simple security trace messages to be managed independently of GESTR mode messages.
Global Safe Security Message
Global Safe Security Message mode manages safe security messages that are issued by an external security manager during the initialization phase of a MainView window.
The default value is
Safe security messages are standard messages that are issued during the creation of a security environment by the external security manager at sign-on. Safe security messages include message IDs, such as BBMSS201I, ICH70001I, TSS7000I, TSS7001I, and ACF01137, plus any additional messages designated by your installation.
Inherited security environments that are established during window initialization produce messages that normally convey insignificant information. These messages are typically bypassed. In cases where these messages might be important, the GSSM option can be set
If the external security manager returns any messages other than safe security messages during window initialization, this option value is ignored and all security messages are displayed.
Extended Authorization Simple Trace
Extended Authorization Simple Trace mode manages simple Extended Authorization security interface trace messages that are issued in response to target or context activity occurring in the current window.
Extended Authorization is the name of the internal mechanism that is used by most components to authorize end user access to resources protected by the security interface. The simple trace messages issued by Extended Authorization are more general than those issued as a result of activating the LSSTR option.
You can dynamically enable or disable the display of simple trace messages for Extended Authorization security calls from the current window by specifying the appropriate line command.
A value of
A value of
CA ACF2 SAFTRACE GSO Option Status
CA ACF2 SAFTRACE GSO Option Status mode manages messages that are produced by the CA ACF2 external security manager in the current context.
The SAFTRACE option indicates the status of the CA ACF2 5.2 SAFTRACE GSO option, which is maintained by CA ACF2 for each system image. You can alter the status of this option only with facilities that are provided by CA ACF2 for this purpose.
The SAFTRACE option status is shown because it must be enabled to control SAFTRC messages.
A value of
A value of
For CA ACF2 Release 6.0 and above, the SAFTRACE GSO option is not supported and is always shown as
CA ACF2 LOGONID SAF-TRC Attribute
This mode is displayed only if CA ACF2 is the external security manager in the current context.
The SAFTRC (SAF Interface Trace) option provides the status and temporary control over the SAF-TRC attribute of the LOGONID in effect for the address space for the current context for CA ACF2 Release 5.2 only.
The SAF-TRC attribute specifies that the CA ACF2 5.2 system's SAF interface component is to issue SAF trace messages describing the parameters for each RACROUTE macro instruction executed in the address space, provided that the SAFTRACE GSO option also is enabled.
For SAF trace messages to be generated by CA ACF2, the SAFTRACE GSO option must be enabled and the address space LOGONID must have the SAF-TRC attribute. You can temporarily enable the SAF-TRC attribute by turning this option
You can dynamically, but only temporarily, enable or disable CA ACF2 5.2 SAF trace messages for the current address space LOGONID by specifying the appropriate line command.
A value of
A value of