Top Secret Converting the RACF IWNRACF2 job commands for IBM CSM

Products

Top Secret

Issue/Introduction

How to convert the RACF IWNRACF2 job to Top Secret Commands.

Related IBM Copy Services Manager for z/OS Articles:

136788 Top Secret Converting the RACF IWNRACFC job commands for IBM CSM
136782 Top Secret Converting the RACF IWNRACF2 job commands for IBM CSM
136783 Top Secret Converting the RACF IWNRACF3 job commands for IBM CSM
136785 Top Secret Converting the RACF IWNRACF4 job commands for IBM CSM
136786 Top Secret Converting the RACF IWNRACF5 job commands for IBM CSM

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

//IWNRACF2 JOB <job parameters>

//*********************************************************************

//* LICENSED MATERIALS - PROPERTY OF IBM *

//* THIS PRODUCT CONTAINS "RESTRICTED MATERIALS OF IBM" *

//* (C) COPYRIGHT IBM CORPORATION 1999, 2016. *

//* *

//* IBM Copy Services Manager for z/OS *

//* *

//* CAUTION: This is neither a JCL procedure nor a complete job. *

//* Before you use this job step, make the following modifications: *

//* *

//* This job defines the user IDs that are associated with the *

//* Copy Services Manager address spaces - IWNSRV and *

//* optionally IWNAUTH. *

//* *

//* 1) Change the job card to meet your system requirements. *

//* 2) Replace the following variables: *

//* #user_id - User ID for the Copy Services Manager *

//* started tasks. *

//* - It is suggested that you use "IWNSRV" *

//* as the user ID. *

//* #group_name - Group name for the IWNSRV and *

//* optional IWNAUTH *

//* address spaces. *

//* #gid - Group ID number for the IWNSRV and *

//* optional IWNAUTH *

//* address spaces. *

//* #uid - User ID number. *

//* #ussPath - Home directory for #user_id, for example *

//* <-path_prefix>/opt/IBM/CSM *

//* as set in the IWNINSTL job. *

//* *

//*********************************************************************

/*

//IWNSRV EXEC PGM=IKJEFT01

//SYSLBC DD DSN=SYS1.BRODCAST,DISP=SHR

//SYSTSPRT DD SYSOUT=*

//SYSTSIN DD *

/* Define the Copy Services Manager address space user ID. */

ADDGROUP #group_name OMVS(GID(#gid))

ADDUSER #user_id DFLTGRP(#group_name) OMVS(UID(#uid) +

HOME(#ussPath) +

PROGRAM(/bin/sh)) +

NAME('Copy Services Manager Address Spaces') +

NOPASSWORD

TSS CRE(#user_id) TYPE(USER) NAME('Copy Services Manager') PASS(XXXX,0) DEPT(dept_acid)

TSS CRE(#group_name) TYPE(GROUP) NAME('#group_name') DEPT(dept_acid)

TSS ADD(#group_name) GID(xx)

TSS ADD(#user_id) UID(xx)

TSS ADD(#user_id) GROUP(#group_name) DFLTGRP(#group_name) HOME(/#ussPath) OMVSPGM(/bin/sh)

/* Define the started profiles. */

RDEF STARTED IWNSRV.* UACC(NONE) STDATA(USER(#user_id) +

GROUP(#group_name) PRIVILEGED(NO) TRUSTED(NO) TRACE(YES))

RDEF STARTED IWNAUTH.* UACC(NONE) STDATA(USER(#user_id) +

GROUP(#group_name) PRIVILEGED(NO) TRUSTED(NO) TRACE(YES))

TSS ADD(#user_id) FAC(STC)

TSS ADD(STC) PROCNAME(IWNSRV*) ACID(#user_id)

/* If you plan on utilizing LDAP on the system uncomment the */

following lines

RDEF STARTED IWNAUTH.* UACC(NONE) STDATA(USER(#user_id) +

GROUP(#group_name) PRIVILEGED(NO) TRUSTED(NO) TRACE(YES))

TSS ADD(STC) PROCNAME(IWNAUTH*) ACID(#user_id)

SETROPTS RACLIST(STARTED) GENERIC(STARTED) REFRESH

/* Permit access to ANT.REPLICATIONMANAGER. */

RDEFINE FACILITY ANT.REPLICATIONMANAGER UACC(NONE)

PERMIT ANT.REPLICATIONMANAGER CLASS(FACILITY) +

ID(#user_id) ACCESS(CONTROL)

TSS ADD(owning_dept) IBMFAC(ANT.)....unless already owned

TSS PER(#user_id) IBMFAC(ANT.REPLICATIONMANAGER) ACC(CONTROL)

/* If the user is running a Liberty Angel server uncomment */

/* the following 2 lines */

/* RDEF SERVER BBG.ANGEL UACC(NONE) */

/* PERMIT BBG.ANGEL CLASS(SERVER) ACCESS(READ) ID(#user_id) */

TSS ADD(dept_acid) SERVER(BBG.)

TSS PER(#user_id) SERVER(BBG.ANGEL) ACCESS(READ)

SETROPTS RACLIST(FACILITY) REFRESH

/*