How to allow a few users to signon multiple times to CA-ACF2/CICS regions.
search cancel

How to allow a few users to signon multiple times to CA-ACF2/CICS regions.

book

Article ID: 26611

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

I have a few particular users that I need to allow multiple signons to a CICS region. How do I allow these few users to signon without making this a global option?

 

 

Environment

Release:
Component: ACF2MS

Resolution

By default, CA-ACF2 with the CA-ACF2/CICS interface will allow only one logon per user to a CICS region. To allow select logonids multiple access to a region, there are few steps that need to be done.

The first is, do you want this selectivity over multiple regions, and each region separate, or is one setting good for all regions.

If one setting is good for all the regions, then you can use the MULTSIGN privilege.

To the users logonid, set MULTSIGN.

    TSO ACF 
    CHANGE logonid MULTSIGN

Then you need to add the field name to the CA-ACF2/CICS parameters:

    LIDFIELD MULTSIGN=MULTSIGN

To make these changes take effect, CICS has to be re-cycled. The user should now be able to logon to this region multiple times.

If you want to have separate bits for different regions, you need to update the ACFFDR with a new bit field names. For example, let us define a field called CICSMUL1 and CICSMUL2 for CICS regions 1 and 2 respectively.

    @CFDE CICSMUL1,LIDU1FLG,BIT,ALTER=SECURITY+ACCOUNT,LIST=ALL, 
    FLAGS=NULL,BITMAP=LIDU1CI1,GROUP=2 
    @CFDE CICSMUL2,LIDU1FLG,BIT,ALTER=SECURITY+ACCOUNT,LIST=ALL, 
    FLAGS=NULL,BITMAP=LIDU1CI2,GROUP=2 
    LIDU1FLG   DS  X      MISCELLANEOUS USER FLAGS 
    LIDU1FL8   EQU X'80'  RESERVED FOR FUTURE USE 
    LIDU1FL7   EQU X'40'  RESERVED FOR FUTURE USE 
    LIDU1FL6   EQU X'20'  RESERVED FOR FUTURE USE 
    LIDU1FL5   EQU X'10'  RESERVED FOR FUTURE USE 
    LIDU1FL4   EQU X'08'  RESERVED FOR FUTURE USE 
    LIDU1FL3   EQU X'04'  RESERVED FOR FUTURE USE 
    LIDU1CI2   EQU X'02'  CICS 2 MULTIPLE SIGNON 
    LIDU1CI1   EQU X'01'  CICS 1 MULTIPLE SIGNON

Standard ACFFDR usage applies, such as making sure any new data fields or bytes, such as LIDU1FLG are added at the END of the user section. After any changes, the ACFFDR will need to be re-assembled and a F ACF2,NEWMOD(ACFFDR) will need to be issued. If you are using minilids in CICS, you will also need to make sure that the bytes added are included in the minilid so that they are passed to CICS.

Then you will need to add the new field name to the CA-ACF2/CICS parameters.

For CICS region 1:

    LIDFIELD MULTSIGN=CICSMUL1

For CICS region 2:

    LIDFIELD MULTSIGN=CICSMUL2

You need to use the name of the field used in the @CFDE or CICS initialization will get error message ACFAE189 message is issued identifying the erroneous field at startup. To make these changes take effect, CICS has to be re-cycled.

Then add the appropriate bit field to the users logonid record

    TSO ACF 
    CHANGE logonid CICSMUL1 
    Or 
    CHANGE logonid CICSMUL2

The user should now be able to logon to the region of the privilege multiple times.

Note: The MULTSIGN usage overrides the SIGNON ENQSCOPE= parm in ACF2/CICS.

Powered by Wolken Software