ACF2 setup for JES2 Email Delivery Services JES2EDS
search cancel

ACF2 setup for JES2 Email Delivery Services JES2EDS

book

Article ID: 129903

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC

Issue/Introduction



Are there sample CA ACF2 commands to implement JES2 Email Delivery Services JES2EDS?

Environment

Release:
Component: ACF2MS

Resolution

Attached below is a jobstream containing sample CA ACF2 commands to implement JES2 Email Delivery Services JES2EDS.

Note this sample job contains both ACF2 UID and Role based rules.                        

This job contains sample security definitions that should be reviewed based on the documentation provided in "Setting up JES2 Email Delivery Services".                
  1. This job contains statements that MUST be completed with installation-specific data.                             
  2. This job contains statements that may need to be modified for installation-dependent data, e.g. if non-default names were chosen.                            
  3. The statements below are intended for use with z/OS Security Server (ACF2).                                 
  4. This sample job requires the following fields to be changed or noted for installation-specific data:                     
                                                                  
  • Step 1. Note: This sample job uses JES2USER for the JES2EDS address space logonid.                               
  • Step 2. Note: This step uses the logonid identifier that is configured in step 1.                                
  • Step 3. Note: This step uses the logonid identifier that is configured in step 1.                                
  • Step 3c. To use an existing certificate authority (CA) certificate, modify the CERTDATA statement CERTDATA(CERTAUTH.exiting CA), as appropriate.      
  • Step 4. Verify/Change the RING(IZUKeyring.IZUDFLT) to the keyring that is associated with the user identifier that is configured for the z/OSMF server. To use an existing certificate authority (CA) certificate, modify the CERTDATA statement CERTDATA(CERTAUTH.exiting CA), as appropriate.      
  • Step 5. Verify/Change the CERTDATA(CERTAUTH.z/osmfserver cert) to the certificate that is used to sign a z/OSMF server certificate.                                         
  • Step 7. This step provides both UID based and Role based rules. If using UID based rules update the UID as noted. If using Role based rules comment out the sample UID based rules and un-comment and update the Role based rules.                                    

Attachments

1570191653126__ACF2_JES2EDS_Setup.txt get_app