Release 14.1 of CA Common Services for z/OS now uses a //CAIRACF DD card in the CAS9 proc to define the RACF security classes needed for Datacom r14.0. If I use this DD card, will it affect the security settings for any other CA product?

book

Article ID: 6301

calendar_today

Updated On:

Products

CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware CA Compress Data Compression for MVS CA Compress Data Compression for Fujitsu

Issue/Introduction

We are running Common Services r14.1 along with release 14.0 of CA Datacom.  RACF is our security product.  As per Datacom/DB APAR RI71276, we need to add a //CAIRACF DD statement to CAS9.   We haven't created a CAS9SAFC User Exit and don't have the prebuilt exit CAS9SAFC in our CAW0LOAD loadlib.   

If i add the CAIRACF DD statement to CAS9, will this affect other the security settings for any other of the CA products installed on our system?  If so, what preventive action do we need to take? 

 

 

Cause

Release 14.1 of CA Common Services for z/OS changed the method of defining RACF Security Classes for the various CA mainframe products that may require them.   Datacom/DB is one of them and documentation apar RI71276 details the RACF Security Class definitions necessary for Datacom/DB r14.0.  

Environment

CA Common Services for z/OS r14.1, Datacom/DB release 14.0 using IBM RACF security.

Resolution

CA Common Services Version 14.1 modified the method by which CAS9SAFC RACF external security resource class definitions are added or changed.

Prior to Version 14.1, a CAS9SAFC source module had to be updated, assembled and link edited if additions or changes were needed. Beginning with Version 14.1, a //CAIRACF DD statement included in the CAS9 proc now points to control cards that define the necessary RACF security classes.  The RACF security class table is built dynamically when CAIRIM reads and processes these definitions.   

 

Additional Information

Please refer to the following documentation for details about the changes to the method of defining the necessary RACF security classes: 

  • The CA Common Services r14.1 Release Notes
  • The CA Common Services r14.1 Documentation wiki describing the changes to the customization required for RACF sites