Example: Use CA ACF2 to Configure PassTicket

How to Configure PassTicket for CA Insight Database Performance Monitor › Configure PassTicket in ESM › Example: Use CA ACF2 to Configure PassTicket

Example: Use CA ACF2 to Configure PassTicket

Note: The example is provided as a guideline. For detailed information about using these commands, see the CA ACF2 for z/OS Administration Guide.

You want to configure PassTicket for the DB2TOOLS application. DB2TOOLS is the application name (appl_name) that is used in this example.

Follow these steps:

Associate a session key with DB2TOOLS:
```
SET PROFILE(PTKTDATA) DIVISION(SSIGNON)
INSERT DB2TOOLS SSKEY(session_key) MULT-USE
F ACF2,REBUILD(PTK),CLASS(P)
```
session_key

Defines a session (encryption) key using 16 hexadecimal digits (creating an 8-byte or 64-bit key). Use a site-specific key value. Keep the value secret.

Example: 0123456789ABCDEF

The CA Insight DPM session key is defined. The same PassTicket can be reused multiple times.
Enable the WILYZOS job to generate PassTicket for the DB2TOOLS application:
```
SET RESOURCE(PTK)
RECKEY IRRPTAUTH ADD(DB2TOOLS.- UID(wilyzos_uid) SERVICE(UPDATE,READ) ALLOW)
```
wilyzos-uid

Specifies the CA ACF2 UID for the WILYZOS job. This UID must be able to generate PassTicket for any user.
Permit access to the DB2TOOLS application for each user that is permitted to access the CA Insight DPM data:
Note: Complete this step only if you have already defined the DB2TOOLS application resources. If you inserted a GSO CLASMAP record to change the type code for the APPL class to APL, use APL instead of SAF in the commands.
```
ACF
SET RESOURCE(SAF)
RECKEY DB2TOOLS ADD(UID(wilyzos_uid) SERVICE(READ) ALLOW)
RECKEY DB2TOOLS ADD(useridn UID(useridn_uid) SERVICE(READ) ALLOW)
F ACF2,REBUILD(SAF)
```
useridn and useridn_uid

Specifies the user ID and UID of the user requesting access to CA Cross-Enterprise APM.

The WILYZOS job can generate PassTicket for the specified user IDs.