Using a z/OS protected userid

If your security standards allow the use of z/OS protected user IDs in your installation, then you only need to associate the z/OS protected user IDs to a TrueSight Console user IDs one time.

Using z/OS protected user IDs eliminates the need to periodically re-associate these user IDs due to password changes or for remote action requests from the console.

To use a z/OS protected user ID

1. Create a protected user ID using RACF or your specific other security package.With RACF either ADD or ALTER a user ID with the option NOPASSWORD
   The PROTECTED z/OS userid should only be granted access to the following resources: IIZ.WTO.* and/or AAO.EXEC.*.

2. In the Configuration Utility's Actions menu, select Administration > Associate z/OS Credentials.
   The Associate z/OS User Id and Password dialog is displayed.

   

3. In the Cell Name field, select the TSOM cell name for which this association is to be made.

4. In the TrueSight Console User Id or File Name of Rule field, type the BMC IM Console user ID or the rules file name to which the z/OS user ID and password are to be associated.

   Note

   This field is case-sensitive.

5. In the z/OS User Id field, type the z/OS protected user ID.
6. In the z/OS Password and the Confirm Password fields, type 1-8 blanks.
7. In the TSOM Cell Home Path field, accept the default or enter a different path, and press Refresh.
8. In the Encryption Strength field, select one of the following strengths:
   • Select Strong to save z/OS credentials by using blowfish encryption. (To use this option, you must have version 1.5 or later of BMC II for z/OS.)
   • Select Weak to save z/OS credentials by using simple munger code.

9. Click OK to set the association.

   Tip

   Clicking Refresh would reset the entries to their initial values. Clicking Cancel would terminate without making an association.