Security reset not working
Article ID: 102837
Updated On:
Products
Datacom
DATACOM - AD
CIS
COMMON SERVICES FOR Z/OS
90S SERVICES
DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS
COMMON PRODUCT SERVICES COMPONENT
Common Services
CA ECOMETER SERVER COMPONENT FOC
Easytrieve Report Generator for Common Services
INFOCAI MAINTENANCE
IPC
UNICENTER JCLCHECK COMMON COMPONENT
Mainframe VM Product Manager
CHORUS SOFTWARE MANAGER
CA ON DEMAND PORTAL
CA Service Desk Manager - Unified Self Service
PAM CLIENT FOR LINUX ON MAINFRAME
MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME
GRAPHICAL MANAGEMENT INTERFACE
WEB ADMINISTRATOR FOR TOP SECRET
Xpertware
Issue/Introduction
Since upgrading to CCS 14.1, the SECURITY RESET command does not appear to have any effect on permissions.
Since dynamic changes are rare, I didn't notice right away.
In the Change Resource Translation Table section of Administrating doc-ops, it states that the CAS9 CAIRACF DD needs to have entries such as 'RACFCLASS DTTABLE,DT@ABLE,FASTAUTH=NO,CICS=YES' .
However, the docs from CCS states 'Fast RACHECK is used with a CICS application. CICS=YES implies FASTAUTH=YES' which seems to contradict the DB docs.
Also, the 15.1 docs state a sample is in CAI.SHLQ.CABDSAMP(CAS9SAFC), but I didn't find that member in either the 15.1 or 15.0 libraries.
he member is in the 14.0 library, but has the format 'RACFCLASS DTTABLE,DT@ABLE,FASTAUTH=NO,CICS=NO'.
Can I get clarification on how these statements are to be coded?
Since dynamic changes are rare, I didn't notice right away.
In the Change Resource Translation Table section of Administrating doc-ops, it states that the CAS9 CAIRACF DD needs to have entries such as 'RACFCLASS DTTABLE,DT@ABLE,FASTAUTH=NO,CICS=YES' .
However, the docs from CCS states 'Fast RACHECK is used with a CICS application. CICS=YES implies FASTAUTH=YES' which seems to contradict the DB docs.
Also, the 15.1 docs state a sample is in CAI.SHLQ.CABDSAMP(CAS9SAFC), but I didn't find that member in either the 15.1 or 15.0 libraries.
he member is in the 14.0 library, but has the format 'RACFCLASS DTTABLE,DT@ABLE,FASTAUTH=NO,CICS=NO'.
Can I get clarification on how these statements are to be coded?
Environment
z/os, CA Datacom/DB 15.x using RACF
Cause
Documentation in error,and being corrected..
Resolution
CAS9SAFC parameters: FASTAUTH=NO,CICS=NO should be used (Instead of FASTAUTH=NO,CICS=YES).
CABDSAMP(CAS9SAFC) is correct.
Additional Information
https://docops.ca.com/ca-datacom/15-1/en/administrating/security-overview/using-external-security-for-ca-datacom/security-interfaces-racf/change-resource-translation-table
Above link should now display the correct information and be matching CABDSAMP(CAS9SAFC).
Feedback
Yes
No
Powered by
