Commands

In addition to the RSS Commands, you can run Security PAM commands with the MVS Modify command in an MVS console to extract information from the product or adjust certain processing options.

Related topics

Administering

Troubleshooting

To run a Security PAM command, run the following syntax:

/F startedTaskName,command keyword1 keyword2

Security PAM supports the following commands:

RECONFIG

You can use the RECONFIG command to reconfigure certain parameters in your parameter library without restarting the product.

The syntax for this command is as follows:

/F startedTaskName,RECONFIG memberName

Variable

Description

startedTaskName

STC (started task) that runs the product

memberName

Configuration member having the parameter with the updated value, which is located in the same data set as the original configuration members

When you run this command, the product overwrites the parameters that were previously defined in the original configuration members with the new parameters from the configuration member specified in the command.

You cannot use the RECONFIG command to reconfigure the parameters in the HTTPServer and RESTApi blocks in your configuration member. Also, you can run this command only if all the user IDs in a project are in Available status.

To reconfigure parameters in the parameter library

  1. Create a new configuration member in your data set that has all the original configuration members.
  2. On the newly created configuration member, specify the parameter and its updated value.
  3. Run the RECONFIG command with the new configuration member.
    For example, if the new configuration member with the updated parameter is UPDTPARM1 and the started task is ECYZBGL, then run the following command:
    /F ECYZBGL,RECONFIG UPDTPARM1

STATUSREPORT

(SPE2210)

You can use the new STATUSREPORT command to generate a status report of elevation requests, entitled STREPORT, in a dynamic DD statement that is created in the STC.

The syntax for this command is as follows:

/F startedTaskName,STATUSREPORT [active]

Variable/Keyword

Description

startedTaskName

STC (started task) that runs the product

active

(Optional) Generates a status report with all requests that are not in Available status

If you do not specify the keyword active, then the status report displays all requests, including the requests in Available status.

Alternatively, you can generate a status report from the product user interface by clicking Status Report.

PAMRESET

(SPE2210)

You can use the PAMRESET command to reset a user ID without cold starting the STC. This command is particularly useful in production environments.

The following table contains the command syntax to perform various actions:

Action

Command syntax

Reset a specific user ID on a specific project

/F startedTaskName,PAMRESET project userID

Reset a specific user ID on all projects

/F startedTaskName,PAMRESET * userID

Reset all user IDs on a specific project

(SPE2301)

/F startedTaskName,PAMRESET project *

Reset all user IDs on a specific project, delete the project, and re-create the project (like in a cold start)

(SPE2301)

/F startedTaskName,PAMRESET project * cold

To delete a specific user ID on a specific project and re-create the user ID (like in a cold start)

(SPE2301)

/F startedTaskName,PAMRESET project userID cold

The variables and keywords used with the PAMRESET command follow:

Variable or Keyword

Description

startedTaskName

STC (started task) that runs the product

project

Name of the project that has the user ID that you need to reset

To reset user IDs on all projects, specify *.

userID

User ID that you need to reset

To reset all user IDs on a project, specify *.

Deletes and re-creates a user ID or project (like in a cold start)

PAMPROJREFRESH

(SPE2301)

You can use the PAMPROJREFRESH command to refresh a project. When you run this command, Security PAM compares the user IDs in a project with the user IDs in the RACF group associated with that project. If Security PAM finds that a user ID available in the RACF group is not available in the project, Security PAM adds the missing user ID to the project.

The syntax for this command is as follows:

/F startedTaskName,PAMPROJREFRESH

To see the user ID that was added to the project, on the product dashboard, click Refresh status.

To remove a user ID from a project that was previously removed from a RACF group, restart the product.

When you run this command in different scenarios, Security PAM displays the following messages in the STC log:

Message

Scenario

PAMPROJREFRESH command issued

When you run the PAMPROJREFRESH command

PAMPROJREFRESH command completed

When the PAMPROJREFRESH command completes its run

User userName added for project projectName

When Security PAM adds a user ID that was unavailable in the project from a RACF group to its associated project


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*