TSSXTEND and TSSRECVR › TSSXTEND Considerations

TSSXTEND Considerations

To ease the transition from the existing backup file to the new security file, consider the following points:

• Renaming new files—When the SECFILE or BACKUP file needs to be copied, the new file has a different DSNAME than the old file. If the old files were created under an earlier release of CA Top Secret, you may need to alter the parameters of TSSMAIND, TSSMAINS, and TSSMAINB to correspond with the new release values resulting from TSSFAR in the new release running against the old file.
  • Run TSSFAR with STEPLIB against the old security file. For details on using SFSTATS report to set ACCESSORS and VOLUMES, see the Troubleshooting Guide.
  • Run TSSMAIND to determine the correct number of blocks.
  • Run VSAMDEF3 to allocate a new VSAM file. Run STEP 2 only if the security file is shared.
  • Run TSSMAINS to correctly allocate the new security file. If the security file is shared, run STEP 2 of TSSMAINS.
  • Run TSSXTEND to COPY SECURITY.
• Creating a new backup security file—After you have successfully copied the old security file into the newly created security file, format a new backup file capable of accommodating the new security file.

  After the security file has been correctly allocated and copied, use TSSMAINB to allocate the backup with identical parameters (except ID=BACKUP).

  To assure that the backup file is adequate run TSSXTEND to COPY SECURITY from the new security file to the new backup.

• Changing the PROC statements—After the new security and backup files are created, you must change the PROC statements in your JCL procedures (namely, TSS STC, TSSB STC, and backup and recovery procedures) to point to the new files.
• Changing the encryption key—You can use TSSXTEND to change your company's security file encryption key. Ordinarily, your company's encryption key should never be changed. However, if you suspect that the integrity of your key has been violated, you can change to a new key. If you change the key, the encryption must be also changed on the CA Top Secret load library. Run member TSSKEY, found in the CAKOJCL0 data set using the APPLY CRYPTKY control statement, and supply the new key so that CA Top Secret can operate correctly.

  Important! The encryption key must be the same on the security file and the CA Top Secret load library.

• Deleting old files—Do not delete the old security file and backup files until you confirm that the file enlargement/replacement was successful. Provided that you have supplied the names of the new files in all the necessary JCL PROCs, the new and old files can reside on disk without causing CA Top Secret to malfunction.
• IPL the security file—When any change is made to the security file using a TSSMAINT/TSSXTEND combination an IPL is required.