This article describes the security considerations for executing IDMS commands from the operator's console.

Failing to fulfil these considerations will result in a DC021102 SECURITY VIOLATION.

Release: All supported releases.

Commands issued at the operator's console fall in to two categories.

1. Operator commands that can only be executed on the console
2. Other IDMS commands that are also normally executed from the ENTER NEXT TASK CODE: prompt.

For more information, see Executing IDMS/DC commands at the operator console.

For the operator commands, there is no security at all regardless of what is defined in RHDCSRTT. No signon is required and no security check is performed.

For the other IDMS commands, the same security requirements exist as if they were being executed from the ENTER NEXT TASK CODE: prompt. I.e. if the task code is secured, a signon will be required and the userid in the signon will need to have the security authorization to execute the task.

There are two ways to achieve the signon.

1. Just issue the signon as a console command: /<reply-number>,99signon <userid> <password>
   This works but is not desirable as it may not be possible to prevent the password from being visibly displayed on the system log.
2. Use DFLTSGN. When the command is issued, IDMS will perform an automatic signon using the userid as defined in the DFLTUID parameter, and no password has to be specified.

Whichever of these two methods is used, the resulting userid will need to be defined as a user and have the authority to execute the task.