search cancel

Setup Rocket Software/IBM ITOM

book

Article ID: 188968

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

When converting the RACF security commands provided by the vendor into Top Secret commands for Rocket Software IBM ITOM, what is expected to be set in the following variable:

//* - CHANGE ?SAF_CLASS? to the class type.  The recommended setting */

//*     is XFACILIT to handle long names. FACILITY is also valid.    */

//*     This must be the same value you specified in BJT#RDEF        */

Converting this SAF_CLASS variable into the Top Secret equivalent, would it be an IBMFAC? An example RACF command using this variable is:

PERMIT BJT.?BJTQUAL?.ADM.ATT   ACCESS(ALTER)   +

  CLASS(?SAF_CLASS?) ID(?BJTADMIN?)

 

Should this be set as follows in Top Secret:

TSS PER(?BJTADMIN?) IBMFAC(BJT.?BJTQUAL?.ADM.ATT) ACC(ALL)

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

The items with the ? around them are variables that each site is supposed to set. For example, ?SAF_CLASS? is the resource class to be used for the checks. Whatever is set for ?SAF_CLASS? must be the same value in BJT#RDEF. It recommends using XFACILIT to handle long resource names. (Top Secret allows 26 characters in the TSS ADD command for XFACILITY resource names and 246 characters in the TSS PERMIT command.)

If FACILITY is chosen for ?SAF_CLASS?, the Top Secret equivalent is IBMFAC. (Top Secret allows 8 characters in the TSS ADD command for IBMFAC resource names and 39 characters in the TSS PERMIT command.)

?BJTQUAL? looks like a variable for a qualifier and ?BJTADMIN? looks like a variable for the BJT admin ACID.