Anything Needed In Top Secret To Deactivate STC ENFSNMPM And DCM (CAS9DCM4) In ENFPARMS?
Article ID: 191528
Updated On:
Products
Top Secret
Top Secret - LDAP
WEB ADMINISTRATOR FOR TOP SECRET
Issue/Introduction
Started task ENFSNMPM will be deactivated and DCM (CAS9DCM4) removed from ENFPARMS. Are there any changes required to the CA Top Secret parameters?
Environment
Release : 16.0
Component : CA Top Secret for z/OS
Resolution
The CA Common Services documentation (Customize the ENFSNMPM Procedure) has the following for ENFSNMPM and security:
**
4. Define a security OMVS segment for the user ID associated with the CAIENF SNMP Monitor started task because it uses TCP/IP. You can define a new user ID to the security package or you can use an existing user ID that already has an OMVS segment definition.
5. (CA Top Secret® only). Define a TSS ACID with a valid OMVS segment for the ENFSNMPM procedure. For example, for TSS users:
TSS ADD(stc) PROCNAME(ENFSNMPM) ACID(omvs)
In this example, you call your procedure ENFSNMPM as delivered. You run it as a started task and OMVS is the proper ACID to use in your environment.
If you do not define this value properly, you can get a U4093 ABEND with a reason code of x'90'.
**
It is not required that these steps be undone, but they can be undone by doing the following:
TSS REM(STC) PROCNAME(ENFSNMPM)
TSS DELETE(acid)
where ‘acid’ is the user ACID associated with the CAIENF SNMP Monitor started task.
It is not recommended to delete the ACID associated with the CAIENF SNMP Monitor started task (TSS DELETE(acid) ) right away. The reason is this ACID may be used somewhere else. For example, this ACID may be associated with other started tasks.
If deleting it, use:
TSS DELETE(acid) ARCHIVE INTO(pds.data.set.name(acid))
This way the ACID's permissions and resources will be placed into the dataset in the form of TSS commands. The TSS commands can be used to restore the ACID if it's still needed for something.
Another option is suspend the ACID (TSS ADD(acid) SUSPEND) and leave it suspended for a while. If it's needed somewhere else, the suspend can be removed (TSS REMOVE(acid) ASUSPEND). If, after running for a while with the ACID suspended and it is found that the acid is not used, it should be ok to delete it.
**
4. Define a security OMVS segment for the user ID associated with the CAIENF SNMP Monitor started task because it uses TCP/IP. You can define a new user ID to the security package or you can use an existing user ID that already has an OMVS segment definition.
5. (CA Top Secret® only). Define a TSS ACID with a valid OMVS segment for the ENFSNMPM procedure. For example, for TSS users:
TSS ADD(stc) PROCNAME(ENFSNMPM) ACID(omvs)
In this example, you call your procedure ENFSNMPM as delivered. You run it as a started task and OMVS is the proper ACID to use in your environment.
If you do not define this value properly, you can get a U4093 ABEND with a reason code of x'90'.
**
It is not required that these steps be undone, but they can be undone by doing the following:
TSS REM(STC) PROCNAME(ENFSNMPM)
TSS DELETE(acid)
where ‘acid’ is the user ACID associated with the CAIENF SNMP Monitor started task.
It is not recommended to delete the ACID associated with the CAIENF SNMP Monitor started task (TSS DELETE(acid) ) right away. The reason is this ACID may be used somewhere else. For example, this ACID may be associated with other started tasks.
If deleting it, use:
TSS DELETE(acid) ARCHIVE INTO(pds.data.set.name(acid))
This way the ACID's permissions and resources will be placed into the dataset in the form of TSS commands. The TSS commands can be used to restore the ACID if it's still needed for something.
Another option is suspend the ACID (TSS ADD(acid) SUSPEND) and leave it suspended for a while. If it's needed somewhere else, the suspend can be removed (TSS REMOVE(acid) ASUSPEND). If, after running for a while with the ACID suspended and it is found that the acid is not used, it should be ok to delete it.
Feedback
Yes
No
Powered by
