When FACILITY VM Required
search cancel

When FACILITY VM Required

book

Article ID: 118541

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

Is the VM facility only required for IDs that will actually perform signon? Do service machines (those that are XAUTOLOG'd and not signed on to directly) require this facility as well? 

Environment

Release:
Component: TSSMVS

Resolution

Per the doc, users that logon to a virtual machines are the ones that need the VM FACILITY:

https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-top-secret-for-z-vm/12-1/administering/administering-facility-security/vm-as-a-facility.html

If a user is not authorized, they will receive a FACILITY NOT AUTHORIZED message and get a security violation with a detailed reason code of 1C when running a TSSUTIL audit report.

XAUTOLOGed machines don't need the VM FACILITY. 

Powered by Wolken Software