Define New Started Task to Top Secret
search cancel

Define New Started Task to Top Secret

book

Article ID: 27209

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

When trying to signon to a newly defined started task, the following error message occurs:

TSS7150A SPECIFY PASSWORD FOR STC=xxxxxx ACID=xxxxx

on the operator console.

Resolution

Whenever implementing a new started task that is a multi-user address space, the following Top Secret administrative actions should be followed:

  1. Define the started task to the in STC table with an existing or new acid.

    TSS ADD(STC) PROCN(procname) ACID(acidname)

    This assumes that the acidname already exists. It may be necessary to create a new acid with TYPE(USER), a non-expiring password, and authorization to the FACILITY(STC).
    Example:
    TSS CREATE(STCACID) TYPE(USER) DEPT(SYSTEMS) PASS(NOPW,0) FAC(STC)

  2. Assign the FACILITY to the started task acid:

    TSS ADD(acid) MASTFAC(facname)

    The facname is either an existing FACILITY or a newly created FACILITY, already defined to the  Top Secret Control Options File.  To create a new FACILITY, rename an unused existing USERxx FACILITY entry to your desired FACILITY name. This new facility can be done dynamically, via a TSS MODIFY (FAC(USERxx=NAME=newfacilityname)).
    Example :
    TSS MODI(FAC(USER22=NAME=NEWFAC))
    In order to make this change permanent, update the Top Secret Control Options File with the same statements entered via the TSS MODIFY command.

    Other default FACILITY attributes may also be modified at this time.
    • It is recommended that NORES attribute be changed to RES for the FACILITY via TSS MODIFY FAC(facilityname=RES)
    • Ensure that the mode is set properly via FACILITY MODE Control Option TSS MODIFY FAC(facilityname=MODE=mode)
    • Please check your existing FACILITYs and compare them to your newly created FACILITY to help ensure you are conforming to your site specific security requirements.

  3. Grant the appropriate users to the FACILITY via:

    TSS ADD(acid) FACILITY(facilityname)
    This can be done at the user, profile, or ALL record level.

  4. Restart the started task for the above changes to go into effect.

  5. Once the above steps have been completed, the started task is ready for signon by users.

This should apply to any address space where a user will need to supply a userid, and password. Whether it be a new CICS region, or any other application that will issue IBM's RACROUTE REQUEST=VERIFY macro.

Powered by Wolken Software