Using a z/OS protected userid

If your security standards allow the use of z/OS protected user IDs in your installation, then you only need to associate the z/OS protected user IDs to a BPPM Console user IDs one time.

Using z/OS protected user IDs eliminates the need to periodically re-associate these user IDs due to password changes or for remote action requests from the console.

To use a z/OS protected user ID

1. Create a protected user ID using RACF or your specific other security package.With RACF either ADD or ALTER a user ID with the option NOPASSWORD

   The PROTECTED z/OS userid should only be granted access to the following resources: IIZ.WTO.* and/or AAO.EXEC.*.

2. In the Configuration Utility's Actions menu, select Administration > Associate z/OS Credentials.The Associate z/OS User Id and Password dialog is displayed. (Figure 1)

   Figure 1. Associate z/OS User Id and Password dialog

   

3. In the Cell Name field, select the BPPM cell name for which this association is to be made.

4. In the BPPM Console User Id or File Name of Rule field, type the BMC IM Console user ID or the rules file name to which the z/OS user ID and password are to be associated. 

   Warning

   Note

   This field is case-sensitive.

5. In the z/OS User Id field, type the z/OS protected user ID.
6. In the z/OS Password and the Confirm Password fields, type 1-8 blanks.
7. In the BPPM Cell Home Path field, accept the default or enter a different path, and press Refresh.
8. In the Encryption Strength field, select one of the following strengths:
   • Select Strong to save z/OS credentials by using blowfish encryption. (To use this option, you must have version 1.5 or later of BMC II for z/OS.)
   • Select Weak to save z/OS credentials by using simple munger code.

9. Click OK to set the association. 

   Success

   Tip

   Clicking Refresh would reset the entries to their initial values. Clicking Cancel would terminate without making an association.