Site-specific security

When IBM CICS security is active with certain System Initialization Table (SIT) parameters, the BBI-SS PAS address space user ID must have security authorization to perform the following processes after a recycle of the BBI-SS PAS. 


Related topic

Implementing-BBI-SS-PAS-to-IBM-CICS-communication

In the SIT, when you specify XTRAN=YES, regardless of CMDSEC and RESSEC parameter settings, you must specify ACCESS(READ) for the BBI-SS PAS user ID in resource class TCICSTRN (or site-specified resource class for XTRAN), for the following transactions (resources):

  • BMCE
  • FST2
  • BCRT
  • FCD2
  • JNL2
  • FIC2
  • FCM1
  • BMCA

In the target IBM CICS region, if CICS surrogate user checking is turned on via the SIT parameter XUSER=YES (regardless of CMDSEC and RESSEC settings), you must authorize the BBI-SS PAS user ID as a surrogate user in the CICS region.

If you are using RACF as the security manager, enter the following RACF command to authorize the user ID:

PERMIT userid1.DFHSTART CLASS(SURROGAT) ID(userid2) ACCESS(READ)

where userid1 is the ID of the BBI-SS PAS and userid2 is the user ID of the CICS region.

If you are using a different a security manager than RACF, see that security manager's documentation. 

If  BMC AMI Ops Monitor for CICS is installed, see more information at Site-specific security.

For more information, see the IBM documentation "CICS RACF Security Guide" to read about CICS security checking. Also, see the IBM documentation "CICS System Definition Guide" to read about CICS security system initialization parameters (CMDSEC, RESSEC, XTRAN, XUSER, and so on).


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*