Newer version of documentation BMC provides a newer version of the documentation for this version of the product. As a result, BMC no longer accepts comments in this space.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see bao8301.

Setting up a z/OS user ID

BMC II for z/OS lets you associate a z/OS user ID with a TrueSight console user ID.

You can define the z/OS user ID and password that authenticate the BMC AMI Ops Automation EXEC or WTO messages that are sent from the TSOM cell. For additional security, you can opt to use a passphrase up to 100 characters instead of a password.

If you want a TSOM cell to issue WTO messages or have BMC AMI Ops Automation schedule REXX EXECS from a TSOM cell rule, you need an association for each rule file (*.mrl) that contains a rule that will schedule an EXEC or issue a WTO message. Create this association by specifying the rule file name in place of the TrueSight console user ID when defining the association.

Remote actions run on the computer that contains the cell. Remote actions can be run automatically by rules or initiated by users in BMC Impact Explorer. The cell’s Knowledge Base stores the available remote actions according to the platform on which they run.

Each BMC Impact Explorer console user must set up a z/OS user ID association for each TSOM cell to request BMC AMI Ops Automation EXECs or schedule WTO messages. The z/OS user ID must be set up anytime the z/OS password is changed.

Note

Granting the ability to either schedule WTOs or schedule REXX EXECS should be the exclusive and only function of the z/OS user ID. In order to secure access to the system, BMC recommends that any z/OS user ID that has the ability to write messages to the journal or the ability to schedule REXX EXECS should be limited to this access alone. The ability to access additional resources with the z/OS user ID can be a security concern.

To set up a z/OS user ID

  1. Log in to the TSOM cell's server.

  2. To access the user ID dialog, use one of the following methods:

    If you are using

    Complete these actions

    The Configuration Utility

    From the Actions menu, select Administration > Associate z/OS credentials.

    The Associate z/OS User Id and Password dialogis displayed.

    Microsoft Windows

    1. At the command prompt, enter cd %MCELL_HOME%/bin.
    2. Enter mv_setup.

    The Setup z/OS User Id and Password dialog is displayed.

    UNIX with X Windows

    1. Specify the DISPLAY, MCELL_HOME, and JAVA_HOME environment variables (if they are not predefined) as follows:
      • Specify DISPLAY as export DISPLAY=mySystem:0 (replacing mySystem with the IP address or FQDN of the system on which X Windows is running).
      • Specify MCELL_HOME as export MCELL_HOME=/opt/mcell (replacing /opt/mcell with the directory where the TSOM cell is installed).
      • Specify JAVA_HOME as export JAVA_HOME=/opt/java1.4 (replacing /opt/java1.4 with the root directory for JAVA).
    2. Enter cd $MCELL_HOME/bin.
    3. Enter ./mv_setup.

    The Setup z/OS User Id and Password dialog is displayed.

     Associate z/OS User Id and Password dialog

    GUID-D44EE3FE-57B0-40FF-8AD4-638E9B18E0FE-low.bmp

     The mv_setup z/OS User Id and Password dialog

    GUID-671B7580-8540-46C2-A15A-B5FF8A2F56C4-low.png

  3. In the Cell Name field, select the TSOM cell name for which this association is to be made.

  4. In the TrueSight Console User Id or File Name of Rule field, type the BMC IM Console user ID or the rules file name to which the z/OS user ID and password are to be associated.

    Note

    This field is case-sensitive.

  5. In the z/OS User Id field, type the z/OS user ID.
    Depending on your security preferences or requirements, you can use either a z/OS password or a passphrase.
    • If you want to use a z/OS password, proceed to Step 6.
    • If you want to use a passphrase, proceed to Step 7.
  6. If you want to use a z/OS password, perform the following actions:

    1. Type the z/OS password in the z/OS Password field.

      Note

      If you are using z/OS protected user IDs, no password is required. Specify from one to eight blanks in the z/OS Password and Confirm Password fields. For more information, see Using-a-z-OS-protected-userid.

    2. In the Confirm Password field, type the password again.
    3. Skip to Step 8.

  7.  If you want to use a passphrase, select the Yes option in the Enable Passphrase field.
    The Setup z/OS User Id and Password dialog with Passphrase enabled displays.

    GUID-C9493090-0F88-4E0A-9B7F-9926A4603C5C-low.png

    1. In the Passphrase field, type a passphrase from 8 to 100 characters.
    2. In the Show Passphrase field, select Yes if you want the passphrase to be shown when you type it or select No if you want the passphrase to be hidden when you type it.
  8. In the TSOM Cell Home Path field, accept the default or enter a different path, and press Refresh.
  9. In the Encryption Strength field, select one of the following strengths:
    • Select Strong to save z/OS credentials by using blowfish encryption. (To use this option, you must have version 1.5 or later of BMC II for z/OS.)
    • Select Weak to save z/OS credentials by using simple munger code.

  10. Click OK to set the association.

    Tip

    Clicking Refresh would reset the entries to their initial values. Clicking Cancel would terminate without making an association.

Where to go from here

After you have installed the cell and console components, you should configure the BMC II for z/OS cell and console as explained in Allocating-and-initializing-the-control-data-sets.

Related topic

Installing-BMC-II-for-z-OS-components

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*