The following is from the Informatica documentation:
Capture Registration and Extraction Map Security
This function provides security for defining, changing, and using capture registrations and extraction maps. The PowerExchange Navigator GUI provides the USER information by means of a user ID and password. Security checking is performed on the backend of the MVS platform. This feature is available only on MVS.
RACF Definitions
By default, PowerExchange uses RACF class FACILITY for the change data capture resource profiles. You can specify that PowerExchange use a different class for these resource profiles using the DBMOVER configuration file parameter RACF_CLASS. If you specify a different class in this parameter, the class must exist in RACF. If a new RACF class is created, the maximum length of a resource name has to be specified. The maximum length is 128 bytes which is also the default.
You can create the definition by using the following sample:
********************************************************************** * * * RACF ROUTER TABLE * * * ********************************************************************** * * ICHRFR01 CSECT PowerExchange ICHRFRTB CLASS=DETAIL,ACTION=RACF ENDTAB ICHRFRTB TYPE=END The resources used as part of the RACF definitions cannot exceed the maximum length.END ICHRFR01 You can define the resources as generic resources to minimize the number of RACF definitions. For example: Resources in Class Registration Where: Parameter Valid Values Description dbtype IMS DB2 ADA VSM DCM IDM IMS DB2 Adabas VSAM Datacom IDMS dbid Character string Instance value, Database ID, or Collection ID that is specified in the registration group containing the capture registration. registration_ name Character string Capture registration name. table_ name Character string Capture registration table name. Access to Resource Example Registration Definitions CAPX.REG.ADA.* (G) CAPX.REG.DB2.ADA200.RACF001 CAPX.REG.DB2.ADA200.RACF002 CAPX.REG.DB2.ADA200.* (G) CAPX.REG.DB2.ADA6531.* (G) CAPX.REG.DB2.DSN1.* (G) CAPX.REG.DB2.DS1G.STU* (G) CAPX.REG.DB2.DS1G.* (G) CAPX.REG.DB2.* (G) CAPX.REG.IMS.* (G) Example Extraction Definitions CAPX.CND.ADA200.* (G) CAPX.CND.ADA6531.* (G) CAPX.CND.DSN1.STU* (G) CAPX.CND.DSN1.* (G) CAPX.CND.DS1G.STU* (G)
What are the Top Secret equivalents of the above?
For sites that want to use the RACF FACILITY class as the resource class checked, the Top Secret equivalent class is IBMFAC.
With IBMFAC, only up to 8 characters are allowed in the TSS ADD command. (Up to 39 characters are allowed in the TSS PERMIT command for IBMFAC.) So, first own the resource via:
TSS ADD(dept) IBMFAC(CAPX.)
Then permit the resource via:
TSS PERMIT(acid) IBMFAC(CAPX.) or a more specific (longer) resource name.
If you want to use a different resource class, specify the class you want to use in the DBMOVER configuration file parameter RACF_CLASS.
Since users sign on to Informatica, the following should also be done: