Specific Control Options › DOWN—Inactive Characteristics

DOWN—Inactive Characteristics

Valid on z/OS and z/VM.

Use the DOWN control option to determine how jobs are initiated and passwords changed when the CA Top Secret address space is inactive. This control option must be set while CA Top Secret is active.

All entry methods are accepted.

This control option has the following format:

DOWN(facility,action,facility,action,…facility,action)

facility

Identifies the system facility being affected by the DOWN action. Valid values are:

• B—BATCH facility
• T—TSO
• S—STC initiation
• O—All other facilities

action

Identifies the action that CA Top Secret performs when its address space is DOWN. Valid values are:

• W—Wait for CA Top Secret to be reactivated.
• B—Bypass security checking. Does not invoke CA Top Secret until restarted.
• F—Fail the request.
• N—Revert to native security (if any) until restarted.

The default is DOWN(BW,SB,TW,OW).

The DOWN options are ignored if CA Top Secret is processing in global DORMANT mode.

The following table shows how DOWN actions affect various CA Top Secret processes:

Examples: DOWN control option

This example shows how the default DOWN(BW,SB,TW,OW) forces CA Top Secret to process security when its address space is down.

BW

Batch jobs and password changes (B) will wait for CA Top Secret to be reactivated (W).

SB

STC initiations (S) will bypass security checking (B).

TW

TSO logons and password changes (T) will wait for CA Top Secret to be reactivated (W).

OW

Online initiations and password changes (O) will wait for CA Top Secret to be reactivated (W).

Note: An action of B normally indicates to bypass all security. However, a TSO logon with a DOWN option of TB in effect will result in the UADS password for the user being checked.