Previous Topic: TSSXVSDTNext Topic: CA Top Secret Diagnostic Trace

PDS Member Level Protection Utilities

PDS Member Level Protection Utilities

This section contains the following topics:

About PDS Member Level Protection

Security Ownership Commands

About PDS Member Level Protection

Three utility programs are provided to assist the resolution of problems with PDS member level protection. These programs are executed under the direction of CA Technical Support. To prevent their misuse, secure these programs using "CAPDSSEC" resources within the IBMFAC resource class.

Security Ownership Commands

The following example commands define security ownership over these resources and permit their use by "user1" alone:

TSS ADDTO(anydept) IBMFAC(CAPDSSEC)

TSS PERMIT(user1) IBMFAC(CAPDSSEC.STATUS)

TSS PERMIT(user1) IBMFAC(CAPDSSEC.TRACE)

TSS PERMIT(user1) IBMFAC(CAPDSSEC.TERM)
CAS4STAT

Displays overall status of the PDS member level protection component, location of key modules, and other statistics. This program can only be executed using an ACID which has access to the CAPDSSEC.STATUS resource within the IBMFAC resource class.

Sample execution JCL:

//PDS      EXEC PGM=CAS4STAT,REGION=512K
CAS4TRCE

Enables PDS member level protection tracing. Trace messages are issued to the system console. This program can only be executed using an ACID which has access to the CAPDSSEC.TRACE resource within the IBMFAC resource class. For information on the output messages from this trace, see the Messages and Codes Guide.

Sample execution JCL:

//PDS      EXEC PGM=CAS4TRCE,REGION=512K,PARM='opt'

Where opt can be:

ON

Enables general tracing.

SEC

Enables tracing of security processing.

CCW

Enables general tracing and also traces CCW I/O activity against a protected data set. This setting can potentially generate a lot of output and, depending on how many data sets are protected, impact system performance.

MEM

Enables general tracing and also generates tracing showing Using the TSSFAR UtilityUsing the TSSFAR UtilityPDS member information including disk address translation. This setting can potentially generate a lot of output.

ALL

Enables all tracing.

OFF

Disables all tracing.

CAS4TERM

Removes PDS member level protection intercepts from the system. In all normal situations, TSS MODIFY PDSPROT(ON/OFF) commands should be used to enable or disable PDS member level protection. This program can only be executed using an ACID which has access to the CAPDSSEC.TERM resource within the IBMFAC resource class.

Sample execution JCL;

//PDS      EXEC PGM=CAS4TERM,REGION=512K

To re‑enable PDS member level protection, enter:

TSS MODIFY PDSPROT(ON)