TEMS RACF commands to Top Secret TSS commands

book

Article ID: 110855

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction

Need TEMS RACF commands to setup security to TSS commands.

Environment

Release:
Component: TSSMVS

Resolution

Here are the commands converted to TSS.

1) Update RACF or equivalent security system for the user ID (with OMVS segment) assigned to product started tasks. This is applicable to the TEMS, the enhanced 3270 user interface, the OMEGAMON Subsystem, and the Agent address spaces.

2) Identify the user ID you created as a Superuser.
For example:
ALU <user ID> OMVS(UID(0) HOME(/) PROGRAM(/bin/sh))

TSS ADD(acid) UID(0) HOME(/) OMVSPGM(/bin/sh)

3) Use the RDEFINE command to associate the user ID with
various product started tasks:
For example:
RDEFINE STARTED SYO5DSST.* -
STDATA(USER(userID) GROUP(SYS1))

TSS ADD(STC) PROCN(SYO5DSST) ACID(acid)

o Topic: Setting Up the STARTED Class
With the STARTED class, you do not need to change code or re-IPL the system in order to add or modify RACF® identities for started procedures. You can modify the security definitions for started procedures dynamically, using the RDEFINE, RALTER, and RLIST commands. See z/OS Security Server RACF Command Language Reference for more information on these commands. In effect, the STARTED class provides a dynamic started procedures table. To set up the STARTED class, enter these commands:

Example:
SETROPTS GENERIC(STARTED)

Not needed in TSS.

RDEFINE STARTED JES2.* UACC(NONE)
STDATA(USER(JES2) GROUP(STCGROUP) TRUSTED(YES))

TSS ADD(STC) PROCN(JES2) ACID(JES)

RDEFINE STARTED ** UACC(NONE)
STDATA(USER(=MEMBER) GROUP(STCGROUP) TRACE(YES))

TSS ADD(STC) PROCN(**) ACID(acid)


4) After you issue all the RDEFINE commands, issue the
refresh commmand:
For example:
SETROPTS RACLIST(STARTED) REFRESH

Not needed in TSS.