Security reset not working
Article ID: 102837
Updated On:
Products
CA Datacom
CA DATACOM - AD
CA CIS
CA Common Services for z/OS
CA 90s Services
CA Database Management Solutions for DB2 for z/OS
CA Common Product Services Component
CA Common Services
CA Datacom/AD
CA ecoMeter Server Component FOC
CA Easytrieve Report Generator for Common Services
CA Infocai Maintenance
CA IPC
Unicenter CA-JCLCheck Common Component
CA Mainframe VM Product Manager
CA Chorus Software Manager
CA On Demand Portal
CA Service Desk Manager - Unified Self Service
CA PAM Client for Linux for zSeries
CA Mainframe Connector for Linux on System z
CA Graphical Management Interface
CA Web Administrator for Top Secret
CA CA- Xpertware
Issue/Introduction
Since upgrading to CCS 14.1, the SECURITY RESET command does not appear to have any effect on permissions.
Since dynamic changes are rare, I didn't notice right away.
In the Change Resource Translation Table section of Administrating doc-ops, it states that the CAS9 CAIRACF DD needs to have entries such as 'RACFCLASS DTTABLE,[email protected],FASTAUTH=NO,CICS=YES' .
However, the docs from CCS states 'Fast RACHECK is used with a CICS application. CICS=YES implies FASTAUTH=YES' which seems to contradict the DB docs.
Also, the 15.1 docs state a sample is in CAI.SHLQ.CABDSAMP(CAS9SAFC), but I didn't find that member in either the 15.1 or 15.0 libraries.
he member is in the 14.0 library, but has the format 'RACFCLASS DTTABLE,[email protected],FASTAUTH=NO,CICS=NO'.
Can I get clarification on how these statements are to be coded?
Since dynamic changes are rare, I didn't notice right away.
In the Change Resource Translation Table section of Administrating doc-ops, it states that the CAS9 CAIRACF DD needs to have entries such as 'RACFCLASS DTTABLE,[email protected],FASTAUTH=NO,CICS=YES' .
However, the docs from CCS states 'Fast RACHECK is used with a CICS application. CICS=YES implies FASTAUTH=YES' which seems to contradict the DB docs.
Also, the 15.1 docs state a sample is in CAI.SHLQ.CABDSAMP(CAS9SAFC), but I didn't find that member in either the 15.1 or 15.0 libraries.
he member is in the 14.0 library, but has the format 'RACFCLASS DTTABLE,[email protected],FASTAUTH=NO,CICS=NO'.
Can I get clarification on how these statements are to be coded?
Cause
Documentation in error,and being corrected..
Environment
z/os, CA Datacom/DB 15.x using RACF
Resolution
CAS9SAFC parameters: FASTAUTH=NO,CICS=NO should be used (Instead of FASTAUTH=NO,CICS=YES).
CABDSAMP(CAS9SAFC) is correct.
Additional Information
https://docops.ca.com/ca-datacom/15-1/en/administrating/security-overview/using-external-security-for-ca-datacom/security-interfaces-racf/change-resource-translation-table
Above link should now display the correct information and be matching CABDSAMP(CAS9SAFC).
Feedback
Yes
No
Powered by
