Sometimes you will need to use special logonids and you must prepare for protection against their unauthorized use. The CA ACF2 for z/VM service machine requires only one logonid. All other service machines on that system, such as OPERATOR and AUTOLOG1, also require a logonid. AUTOLOG1 should have the AUTOALL privilege in the logonid record.
Another special logonid that may be needed is the service machine that normally performs disk backups, such as VMBACKUP. To avoid any problems with the backup process, you should define this service machine logonid with the NON‑CNCL attribute. Include a MAINT record entry for this ID in the MAINT VMO record. This MAINT entry allows the backup ID to bypass CA ACF2 for z/VM rule validation when the backup ID backs up your system and does not create an SMF record. See the Administrator Guide for more details about the MAINT VMO record.
Consider any other VM service machines that might require a special logonid. All MVS and VSE service machines must also have a logonid record and a VM directory entry.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|