search cancel

ACIDs Suspended With LOCKTIME On TSO Facility.

book

Article ID: 54055

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

Question:

When LOCKTIME 015 is set on the TSO facility, a user's terminal will lock after 15 minutes of inactivity. In Netpass at the ISPF command shell, the user types unlock and the password (when prompted) and the user can resume work. However, when in Savers or split screen or some other areas, a user will get locked. Unlock, TSS unlock or typing enter results in a suspended ACID. Why is the user getting suspended without a chance to unlock the terminal?

Answer:

LOCKTIME under TSO does not work the same as it does under CICS where once you have exceeded your LOCKTIME value, on the first security call the user will be prompted to enter the password in order to unlock the session. Under TSO, once the user's terminal is locked, a security call will result in a violation. Depending on the application, if the user is not given the chance to issue 'TSO TSS UNLOCK', then the user could hit VTHRESH and become suspended. For TSO, instead of using LOCKTIME on the TSO facility, it is recommended that the session manager's LOCKTIME be used.

Additional Information:

Please see the CA Top Secret Control Options Guide for more information about LOCKTIME.

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component: