The CA Chorus components and disciplines use z/OS TCP/IP communications services and z/OS UNIX System Services (USS). Define an OMVS segment for each user so that they can access z/OS USS resources when working in CA Chorus. Use CA ACF2, CA Top Secret, or IBM RACF to enable this access.
To authorize CA Chorus users to access z/OS USS resources, define an OMVS segment for each user that contains the following options:
Note: A policy could exist at your site for assigning OMVS UID numbers. If not, use a unique number.
Follow these steps:
LIST userid profile(all) section(all)
TSS LIST(userid) DATA(ALL)
LISTUSER userid OMVS NORACF
If the user does not have this access, go to the next step.
For example, to set up a directory named /u/name for UIDnnn, issue the following commands in the OMVS UNIX shell:
mkdir /u/name chown nnn /u/name chmod 775 /u/name
ls -ld /u/name
The following sample results appear:
drwxrwxr-x 2 user group 8192 Sep 31 14:58 /u/name
The bold areas show that the correct owner and read/write access exists.
Note: A valid group record must exist before executing these commands.
CHANGE userid UID(uid) HOME(path_name) OMVSPGM(/bin/sh) GROUP(ggggg)
TSS ADD(userid) HOME(path_name) OMVSPGM(/bin/sh) UID(uid) GROUP(ggggg) DFLTGRP(ggggg)
ALU userid OMVS(UID(uid) HOME(path_name) PROGRAM(/bin/sh)) GROUP(ggggg) DFLTGRP(ggggg)
The following syntax variables apply to all three security products:
Identifies the user ID.
Identifies the home directory to associate with each user ID.
Identifies the user identification (UID) number.
Identifies the OMVS group.
LIST userid profile(all) section(all)
TSS LIST(userid) DATA(ALL)
LISTUSER userid OMVS NORACF
The user now has a defined OMVS segment and can access USS, which is required for users to work in CA Chorus.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|