Parameters for Facilities › OSF Parameters › OSFSECURITY Parameter

OSFSECURITY Parameter

The OSFSECURITY parameter determines whether the OSF operates with or without security checking. This parameter applies to OSF TSL, TSO, and TSP servers.

Default value:

NOSECURITY

This value allows the OSF to operate without security checking in a trial or test situation. If your system has no security product installed, CA OPS/MVS ignores the OSFSECURITY parameter setting and defaults it to NOSECURITY.

Other possible values:

CHECKUSERID

Most sites use this value for the OSFSECURITY parameter. If you specify this value, CA OPS/MVS checks that the issuer has been defined to the security product on the system.

CA OPS/MVS uses the security privileges assigned to the issuer of the command, as follows:

• For work sent to servers from rules (other than request rules), the security privileges are those assigned to the user ID that is specified as the value of the OSFPRODUCT parameter. For a description of OSFPRODUCT, see OSFPRODUCT Parameter in this chapter.
• For work sent to servers from request rules, the security privileges are those assigned to the TSO user ID.
• For work sent from consoles using the OSF command character (as defined by the OSFCHAR parameter), the security privileges are those assigned to the user ID that is specified as the value of the OSFCONSOLE parameter. For more information, see OSFCONSOLE Parameter in this chapter. For a description of the OSFCHAR parameter, see OSFCHAR Parameter in this chapter.
• For work sent to servers from TSO users using the ADDRESS OSF host command environment, the security privileges are those assigned to the TSO user ID.

Set or modify this parameter:

At initialization

Example: OSFSECURITY

This function tells CA OPS/MVS to operate the OSF with security checking.

OPSPRM('SET','OSFSECURITY','CHECKUSERID')