System requirements


Before you install the product, make sure that your environment meets the hardware and software requirements.

Product compatibility matrix

Db2 support

This version of CHECK PLUS supports IBM Db2 Versions 12 or 13.

System requirements

  • CHECK PLUS requires z/OS version 2.4.
  • CHECK PLUS requires minimum hardware EC12 and Z114.

Software requirements

This version of CHECK PLUS has the following requirements for additional IBM or BMC software:

  • For all types of check jobs, CHECK PLUS requires a minimum of the versions of BMC common components:
    • Version 2.4.01 of BMCSORT
    • Version 13.1.00 of the DB2 Utilities Common Code (D2U)
    • Version 13.1.00 of the DB2 Solution Common Code (SCC)
  • To enable read/write access to your data during check processing, CHECK PLUS requires version 6.02.01 or later of the BMC SUF (also known as XBM) product and its technology. 

If you use the XBMID option to specify a particular SUF (also known as XBM) subsystem, that subsystem must be at this maintenance level. If you do not specify an SUF (also known as XBM) subsystem but ZIIP ENABLED is in effect, CHECK PLUS searches for an SUF (also known as XBM) subsystem at this level.

Required authorization

To use the CHECK PLUS product, you must have the appropriate authorization within Db2 and through your system security package, such as the Resource Access Control Facility (RACF). You need sufficient authorization to access resources and perform the tasks that are accomplished during CHECK PLUS processing.

The following table describes how CHECK PLUS verifies authorization based on the authorization verification mechanism that is available for your system:

Available authorization
verification mechanism

CHECK PLUS actions

Db2 security exit

CHECK PLUS uses the DSNX@XAC authorization exit to verify authorization for external access. The exit is available from the sources:

  • IBM provides a sample exit with Db2 for the IBM Resource Access Control Facility (RACF) component.
  • Computer Associates provides the DSNX@XAC exit with CA ACF2 Security for Db2 and CA Top Secret Security for Db2.

We recommend this mechanism for implementing external security. The access control authorization exit must be available in the STEPLIB, JOBLIB, linklist, or in the SYS3.DSN exit.

One of the security
products from Computer
Associates:

  • CA ACF2
  • CA Top Secret

CHECK PLUS uses either of these Computer Associates products with any version of Db2. CHECK PLUS detects the presence of the product in the subsystem where CHECK PLUS is running.

To use either of these products with CHECK PLUS, you must meet the following requirements:

  • You must be using a version of your security product that enables external security calls for Db2.
  • The value of the ACFORTSS installation option must be YES (the default).

Important

If you have one of these security products installed, but the version does not support external security, you must complete one of the following tasks:

  • Change the value of the ACFORTSS installation option to NO. CHECK PLUS then uses the standard Db2 method to check security.
  • Contact your security vendor for the required APAR to enable external security calls for Db2. Then, ensure that the value of the ACFORTSS installation option is YES.

None are available

CHECK PLUS uses the standard Db2 method to check security.

DB2 authorization

To run CHECK PLUS, you must have the following authorizations:

  • Sufficient Db2 authority to run the CHECK PLUS plan and all packages that the CHECK PLUS plan uses
  • Authorization equivalent to the authorization that the comparable IBM Db2 CHECK utility requires

Important

The CHECK TABLESPACE command requires only the authority to execute the CHECK PLUS plans and packages.

Data set authorization

CHECK PLUS does not use Db2 to access the data sets that it uses. Therefore, you must have system authorization that is equivalent to the authorization that is required by Db2. You can obtain this authorization in one of the following ways:

  • If you use RACF or ACF2, specify OPNDB2ID=YES in your installation options module.
  • Establish authorization as described in Establishing authorization when OPNDB2ID=NO.

To enable data set access using the Db2 DBM1 user ID for RACF or ACF2

Specify OPNDB2ID=YES in your installation options.

This option tells the utility to use the Db2 DBM1 RACF or ACF2 user ID for data set access.

Important

Using OPNDB2ID=NO can improve performance, depending on the size of your data set profiles and the number of VSAM data sets that are involved in the check.

To enable data set access when not using the Db2 RACF ID

  1. Specify OPNDB2ID=NO in your installation options.This option tells REORG PLUS not to use the Db2 RACF ID for data set access.
  2. If using RACF or a similar system security package to protect underlying data sets and the Integrated Catalog Facility (ICF) catalog of a table or index space, grant a minimum of the following levels of authorization:
    • ALTER or CONTROL to access, update, and define Db2 data sets
    • UPDATE or CONTROL to access and update the ICF catalog

Using security packages other than RACF

The following procedure illustrates one method for granting data set authorizations when your site uses a system security package other than RACF:

  1. Associate users with a security group.
  2. Grant EXECUTE authority on the CHECK PLUS product program (ACKUMAIN) to the security group.
  3. Grant the data set authorizations that are described in Table 6 to the CHECK PLUS product program.

MEMLIMIT system parameter

CHECK PLUS requires above-the-bar memory and will abend if this memory is not available. The default value for the System Management Facility (SMF) MEMLIMIT parameter is 2 GB.

You can change the default MEMLIMIT parameter value in member SMFPRMxx in SYS1.PARMLIB by using one of the following methods:

  • Specify the MEMLIMIT parameter in the JCL.
  • Specify REGION=0M in the JCL.
  • Use the SMF IEFUSI exit.

If you cannot specify REGION=0M, we recommend that you specify NOLIMIT to allow unlimited above-the-bar memory. If you are unable to specify NOLIMIT, specify at least 4 GB.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*