An STC is associated with a specific ACID through two TSS command entries- TSS CREATE and ADDTO- that are used to assign a unique ACID to an STC. To associate the STC procedure DUMPSMF with ACID OPS100, you must begin with the CREATE command, as shown below.
TSS CREATE(OPS100) TYPE(USER)
NAME('DUMPSMF ACID')
DEPARTMENT(OPERS)
PASSWORD(NUXY,0)
FACILITY(STC)
In this example, ACID OPS100 is defined with a password of NUXY, which never expires. (Note that the ACID is defined with FACILITY(STC) which allows it to execute as a started task.)
The second CA Top Secret entry required to associate an STC with an ACID is the procedure that adds the STC to the STC Record:
TSS ADDTO(STC) PROCNAME(DUMPSMF)
ACID(OPS100)
A family of procedures can be associated with a single ACID by specifying a PROCNAME prefix. For example:
TSS ADDTO(STC) PROCNAME(DUMP*)
ACID(OPS100)
This example associates all procnames starting with DUMP with a region ACID of OPS100.
This entry specifies that the DUMPSMF STC is defined and associated with the ACID OPS100, meaning that the DUMPSMF STC procedure executes as a started task under the access authorizations of ACID OPS100. (The authorizations for this ACID are designated through TSS ADDTO(OPS100) and TSS PERMIT(OPS100) entries.) When specified in this way, the operator will never be prompted for the ACID associated with the job, but will have to supply the password NUXY.
Many sites may find it advisable to create STCs with a password of NOPW as shown in the next example.
Note: Specifying a password is required only for critical STCs. In most cases, NOPW is appropriate.
TSS CREATE(OPS200) TYPE(USER)
NAME('DUMPSMF ACID')
DEPARTMENT(OPERS)
PASSWORD(NOPW,0)
FACILITY(STC)
Because it is possible for several started tasks to execute from the same procedure name, the operator can assign an individual ACID to each instance of the started task procedure. A procedure may be started by different departments with different parameters and security concerns. To resolve this problem, the administrator can assign the action PROMPT instead of a specific ACID for every instance of the procedure. For example:
TSS ADD(STC) PROCNAME(IMS*)
ACID(PROMPT)
This example prompts the operator for an ACID and PASSWORD which is assigned to the execution of any procedure which begins with the prefix "IMS":
S IMS91 06 TSS7151A Specify AccessorID/Password to be Used With STC=IMS91 R 6,IMS91C/IMSC IEE600I REPLY TO 06 IS;SUPPRESSED $HASP100 IMS91 ON STCINRDR IEF695I START IMS91 WITH JOBNAME IMS91 IS ASSIGNED TO USER IMS91C , GROUP OMVSGRP $HASP373 IMS91 STARTED
When the ACID in the STC has NOPW, the operator is not be prompted for the ACID password when starting SMFDUMP with this definition:
TSS ADD(STC) PROCNAME(SMFDUMP)
ACID(OPS200)
A started task may be of such sensitivity that starting the task should record the ACID and PASSWORD of the operator who entered the command. For example, database regions which govern access to sensitive data:
TSS ADD(STC) PROCNAME(IMSPAY)
ACID(PAYRGN)
STCACT
With PAYRGN defined:
TSS CREATE(PAYRGN) TYPE(USER)
NAME('DUMPSMF ACID')
DEPARTMENT(PAYDEPT)
PASSWORD(passwd,0)
FACILITY(STC,IMSPROD)
When an operator enters the console command START IMSPAY the message TSS7152A prompts for the operator's ACID and password. When a valid identification is given TSS7150A prompts for the PAYRGN password, which the definition associates with the started task.
Because it is possible for several started tasks to execute from the same procedure name, the operator can assign an individual ACID to each instance of the started task procedure. A procedure may be started by different departments with different parameters and security concerns. To resolve this problem, the administrator can assign the action PROMPT instead of a specific ACID for every instance of the procedure. For example:
TSS ADD(STC) PROCNAME(IMS*)
ACID(PROMPT)
This example prompts the operator for an ACID and PASSWORD which is assigned to the execution of any procedure which begins with the prefix "IMS":
S IMS91 06 TSS7151A Specify AccessorID/Password to be Used With STC=IMS91 R 6,IMS91C/IMSC IEE600I REPLY TO 06 IS;SUPPRESSED $HASP100 IMS91 ON STCINRDR IEF695I START IMS91 WITH JOBNAME IMS91 IS ASSIGNED TO USER IMS91C , GROUP OMVSGRP $HASP373 IMS91 STARTED
When the ACID in the STC has NOPW, the operator is not be prompted for the ACID password when starting SMFDUMP with this definition:
TSS ADD(STC) PROCNAME(SMFDUMP)
ACID(OPS200)
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|