search cancel

EKMF Security Setup for Top Secret

book

Article ID: 253930

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

Top Secret security setup for EKMF.

Resolution

TSS CREATE(LIBSRVGP) NAME(LIBSRVGP) DEPT(deptname) TYPE(PROFILE) 
TSS CREATE(LIBSRVGG) NAME(LIBSRVGG) DEPT(deptname) TYPE(GROUP) 
TSS ADD(LIBSRVGG)  GID(?)  
TSS CREATE(LIBSRV) NAME('EKMF SERVER') DEPT(deptname) TYPE(USER) PROTECTED 
TSS ADD(LIBSRV) HOME('/u/libsrv') OMVSPGM('/bin/sh') UID(?) PROFILE(LIBSRVGP) 
TSS ADD(LIBSRV) GROUP(LIBSRVGG) DFLTGRP(LIBSRVGG)
TSS ADD(STC) PROCN(EKMFSRV) ACID(LIBSRV)
TSS ADD(STC) PROCN(EKMANGL) ACID(LIBSRV)
TSS ADD(owningacid) SERVER(BBG.)
TSS PER(LIBSRV) SERVER(BBG.) ACC(READ)
TSS CREATE(WSCLGP) NAME('WAS Unauthenticated Group') DEPT(deptname) TYPE(PROFILE) 
TSS CREATE(WSCLGPGG) NAME(WSCLGG) DEPT(deptname) TYPE(GROUP) 
TSS ADD(WSCLGG) GID(?)
TSS CREATE(WSGUEST) NAME('WAS DEFAULT USER') DEPT(deptname) TYPE(USER) PROTECTED 
TSS ADD(WSGUEST) HOME('/local/Websphere/home/WSCLGP') OMVSPGM('/bin/sh') UID(?) PROFILE(WSCLGP) 
TSS ADD(WSGUEST) GROUP(WSCLGG) DFLTGRP(WSCLGG) HOME('/local/Websphere/home/WSCLGP') OMVSPGM('/bin/sh') UID(?) 
TSS ADD(WSGUEST) GROUP(WSCLGG) DFLTGRP(WSCLGG)
TSS ADD(WSGUEST) PROFILE(WSCLGP) 
TSS ADD(WSGUEST) GROUP(WSCLGG) DFLTGRP(WSCLGG)
TSS ADD(owningacid) APPL(EKMFWEB)
TSS PER(WSGUEST) APPL(EKMFSERV)
TSS ADD(owningacid) CSFSERV(CSF)
TSS PER(LIBSRVGP) CSFSERV(CSF) ACC(READ)
TSS ADD(owningacid) CSFKEYS(EKMF)
TSS PER(LIBSRVGP) CSFKEYS(EKMF.) ACC(READ)
TSS ADD(owningacid) EJBROLE(EKMFWEB) 
TSS PER(ALL) EJBROLE(EKMFWEB)
TSS ADD(owningacid) EJBROLE(EKMFWEB) 
TSS CRE(EKMFWKA) NAME(EMFWKA) TYPE(PROFILE) DEPT(deptname)
TSS PER(EKMFWKA) APPL(EKMFWEB)
TSS PER(EKMFWKA) EJBROLE(EKMFWEB)
TSS ADD(LIBSRV) KEYRING(EKMFRING) LABLRING(EKMFKEYRING)
TSS ADD(owningacid) RDATALIB(LIBSRV)
TSS PER(LIBSRV) RDATALIB(LIBSRV.EKMFKEYRING.LST) ACC(READ)