search cancel

DFLTGRP and GROUP defined for OMVS

book

Article ID: 53392

calendar_today

Updated On:

Products

Cleanup COMMON SERVICES FOR Z/OS 90S SERVICES Common Services Mainframe VM Product Manager CHORUS SOFTWARE MANAGER PAM CLIENT FOR LINUX ON MAINFRAME WEB ADMINISTRATOR FOR TOP SECRET Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

 To access OMVS (Unix System Services), it requires DFLTGRP defined for a user. What does DFLTGRP (and Group) do in OMVS?

Environment

Release:16.0 Top Secret 
Component:

Resolution

An ACID can have multiple GROUPs on it. The DFLTGRP selects which GROUP should be used in OMVS when a specific GROUP is not specified at signon time. When a user signs on to CA ROSCOE, TSO, CICS, etc, on the signon screen is a field where a group can be entered. (For example, in CA ROSCOE, the field is 'GROUP CODE'. In TSO, it is 'Group Ident ===>'.) If the user does not enter a group in this field, when the user signs on the DFLTGRP is assigned. If the user then enters OMVS, it will use this group.. The group specified in the DFLTGRP field must be one of the groups in the GROUP list on the acid.

Part of the native Unix System Security uses the user's group. The DFLTGRP is indirectly used in OMVS to specify which group the user is using when the user enters OMVS if the user did not specify a GROUP at signon time. Specific questions on how native Unix System Security works should be directed to IBM. CA Top Secret is just a repository for the OMVS fields (UID, GROUP, DFLTGRP, HOME, OMVSPGM).