DatacomDATACOM - ADCISCOMMON SERVICES FOR Z/OS90S SERVICESDATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OSCOMMON PRODUCT SERVICES COMPONENTCommon ServicesCA ECOMETER SERVER COMPONENT FOCEasytrieve Report Generator for Common ServicesINFOCAI MAINTENANCEIPCUNICENTER JCLCHECK COMMON COMPONENTMainframe VM Product ManagerCHORUS SOFTWARE MANAGERCA ON DEMAND PORTALCA Service Desk Manager - Unified Self ServicePAM CLIENT FOR LINUX ON MAINFRAMEMAINFRAME CONNECTOR FOR LINUX ON MAINFRAMEGRAPHICAL MANAGEMENT INTERFACEWEB ADMINISTRATOR FOR TOP SECRETXpertware
Issue/Introduction
Since upgrading to CCS 14.1, the SECURITY RESET command does not appear to have any effect on permissions.
Since dynamic changes are rare, I didn't notice right away.
In the Change Resource Translation Table section of Administrating doc-ops, it states that the CAS9 CAIRACF DD needs to have entries such as 'RACFCLASS DTTABLE,DT@ABLE,FASTAUTH=NO,CICS=YES' .
However, the docs from CCS states 'Fast RACHECK is used with a CICS application. CICS=YES implies FASTAUTH=YES' which seems to contradict the DB docs.
Also, the 15.1 docs state a sample is in CAI.SHLQ.CABDSAMP(CAS9SAFC), but I didn't find that member in either the 15.1 or 15.0 libraries. he member is in the 14.0 library, but has the format 'RACFCLASS DTTABLE,DT@ABLE,FASTAUTH=NO,CICS=NO'.
Can I get clarification on how these statements are to be coded?
Environment
z/os, CA Datacom/DB 15.x using RACF
Cause
Documentation in error,and being corrected..
Resolution
CAS9SAFC parameters: FASTAUTH=NO,CICS=NO should be used (Instead of FASTAUTH=NO,CICS=YES).