Securing Subzero components with SAF

This procedure gives other BMC products access to the STATAPI resource; STATAPI allows those products to work with Subzero through the Subzero application programming interface (BRDAPI). For example, the MainView products for CICS, DB2, DBCTL, and IMS Online can work with Subzero through BRDAPI.

To define the STATAPI resource to RACF

1. Specify JCL to define the STATAPI resource to your SAF package, and permit access to the resource.The resource name is HLQ.lparName.dbcGroup.BRD.STATAPI.PF. When a product function attempts to access the defined resource, DBC supplies the high-level qualifier that is assigned to DBC at startup, the system ID of the current LPAR, and the DBC group name. MainView provides the BRD and STATAPI portions of the resource name, and DBC appends the PF portion of the name (to indicate a product function).

   Tip

   When you define a resource for the BRDAPI, you can specify the wildcard * in values if you want the definition to apply to multiple systems.

   Example

   The following JCL shows how you might define the STATAPI resource to RACF:

   //RACFBAT JOB ...
   //TSO      EXEC PGM=IKJEFT01,REGION=4M,DYNAMNBR=30
   //SYSTSPRT DD SYSOUT=*
   //SYSTSIN  DD *
   RDEFINE FACILITY *.*.BRD.STATAPI.PF
   PERMIT *.*.BRD.STATAPI.PF CLASS(FACILITY) +
                             ID(MAINVIEW) ACCESS(UPDATE)
   SETROPTS CLASSACT(FACILITY)
   SETROPTS RACLIST(FACILITY) REFRESH
   RLIST FACILITY *.*.BRD.STATAPI.PF AUTHUSER
2. Execute the job, and view the output to determine that the required access is permitted.