Skip to Content
Information
Space announcement This documentation space provides the same content as before, but the organization of the content has changed. The content is now organized based on logical branches instead of legacy book titles. We hope that the new structure will help you quickly find the content that you need.

Implementing Support for the Db2 File Utility

Related topic

Customizing-after-installation

Using the Code Debug CICS with Db2

If your site uses Db2 databases and Code Debug for CICS users need to be able to access those databases with Code Debug’s File Utility, then installation of the Db2 File Utility is required. The installation is performed in three stages:

  • Bind the plan
  • Establish Db2 authorization for XPED, XPRT, and XPSP transactions
  • Set FILE_UTILITY_DB2_AUTHTYPE global parameter.

This task requires the Db2 Administrator.

Task 6.1 Bind the Plan

The DBRM members for the Db2 File Utility have been updated in this release of Code Debug. The default bind package name has changed in this release to reflect the product code and release (MXD0170).

Use the JCL supplied in member DBBIND10 to bind the plan used by the Db2 portion of the Code Debug CICS File Utility, then grant EXECUTE authority of the plan to PUBLIC.

  1. Modify the JCL in member DBBIND10 as described in the comments.
  2. The JCL in DBBIND10 must be executed byan authorized Db2 user. Submit the JCL and ensure it completes successfully.
  3. The plan bound above must have EXECUTE authorization granted to PUBLIC. Use SPUFI (or whatever Db2 utility is used at your site) to execute the following SQL statement:
    GRANT EXECUTE ON PLAN MXDPLAN TO PUBLIC
    If you changed the plan name in the JCL above, substitute that plan name in place of MXDPLAN before executing the SQL statement.

Task 6.2 Establish Db2 Authorization for XPED, XPRT, and XPSP Transactions

To enable the Db2 portion of the Code Debug CICS File Utility, you must establish the necessary transaction authorizations by submitting revised DB2ENTRY RDO definitions.

Ensure the PLAN parameter matches the plan name used to bind the plan in the previous section. The default in member CSDXDDB2 is MXDPLAN.

Warning

Important

You may need to modify the DB2ENTRY parameters in the RDO definitions provided in SMXDSAMP member CSDXDDB2. If so, do so before proceeding.

Task 6.3 Determine Setting for FILE_UTILITY_DB2_AUTHTYPE PARMLIB Parameter

Change Code Debug PARMLIB parameter FILE_UTILITY_DB2_AUTHTYPE to the value listed in the following table that matches the applicable Db2 parameter: AUTHTYPE() DB2CONN and/or DB2ENTRY resource definition parameter.

Warning
  • Do not modify your Db2 setting. Set FILE_UTILITY_DB2_AUTHTYPE to match your Db2 setting.
  • If you are using AUTH=(GROUP,,) or AUTHTYPE(GROUP), specify FILE_UTILITY_DB2_AUTHTYPE=GROUP. Code Debug CICS will behave as though FILE_UTILITY_DB2_AUTHTYPE=NONE had been specified. See the discussion at the end of these notes.
  • Using AUTH=(USERID,,) or AUTHTYPE(USERID) and the IBM Db2 sign-on exit DSN3@SGN is equivalent to using AUTH=(GROUP,,) or AUTHTYPE(GROUP). In this situation, BMC also strongly recommends setting FILE_UTILITY_DB2_AUTHTYPE to NONE—not USERID.

These settings require Code Debug to examine external security blocks to create a list of resources the user is authorized to access. BMC policy is to access individual security information only through published APIs. Attempting to support access at the group level would violate this policy and your site's security. Therefore, Code Debug cannot provide an accurate list of Db2 resources at this level, and BMC strongly recommends setting FILE_UTILITY_DB2_AUTHTYPE to NONE to allow Db2 authorization to manage access to Db2 resources. We regret any inconvenience this may cause.

Code Debug Global Parameter FILE_UTILITY_DB2_AUTHTYPE Settings

FILE_UTILITY_DB2_AUTHTYPE
Value

Db2 Authorization ID Obtained by Code Debug

NONE

Code Debug makes no checks to determine whether the user is authorized to access the resource. When the resource is actually selected, Db2 will perform any necessary checking. This is the preferred setting for sites using USERID and GROUP authorization.

USERID

Code Debug uses eight-byte SNT USERID field. BMC strongly recommends using NONE instead of USERID. See Notes above.

GROUP

Code Debug CICS will behave as though FILE_UTILITY_DB2_AUTHTYPE=NONE had been specified. See NONE description below and Notes above.

USER

Code Debug uses three-byte SNT operator ID field.

TERM

Code Debug uses terminal ID.

TXID

Code Debug uses transaction ID.

SIGNID

Code Debug uses CICS authorization ID value, which is from the DB2CONN SIGNID() parameter.

STRING

Code Debug uses value from DB2ENTRY AUTHID() parameter.

Example 1

If you want to use USERID security:

DB2CONN or DB2ENTRY AUTHTYPE (USERID)
Set global parameter FILE_UTILITY_DB2_AUTHTYPE=USERID

Example 2

If you want to use TERM security:

DB2CONN or DB2ENTRY AUTHTYPE (TERM)
Set global parameter FILE_UTILITY_DB2_AUTHTYPE=TERM

Task 6.4 Allocate, Format, and Initialize the SQL Transfer File (DBCDEFSQ)

Use the DBCDEFSQ SMXDSAMP member to allocate the Code Debug CICS SQL transfer file, which enables you to save SQL calls generated by the Db2 File Utility and transfer them to other data sets. This file may be shared across multiple regions on the same MVS image. Use SHAREOPTIONS (4 3) if sharing across multiple regions.

  1. SMXDSAMP member DBCDEFSQ contains JCL that allocates a VSAM KSDS SQL file. Supply the volume serial, data setet name, and appropriate space parameters.
  2. Add your job card and submit the JCL.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC AMI DevX Code Debug for CICS 17.02