TSSRECVR › Recovery Procedure for Automatic Backup

Recovery Procedure for Automatic Backup

Use this procedure if the primary security file is lost or damaged and you have been using the automatic backup feature.

To recover the security file

1. Enter the command:

   STOP TSS
   

   CA Top Secret stops.

2. (Optional) If you are using the VSAM/r14 dataset and the security file is shared, modify and run CAIJCL member VSAMDEF7 to copy the VSAMBKUP file and build the alternate index and path files.
3. Enter the command:

   START TSSB
   

   CA Top Secret restarts.

   TSSB was created at installation and has the following characteristics:

   • The SECFILE DD statement points to the backup security file.
   • If using VSAM/r14 with a non shared security file, the VSAMFILE DD statement points to the backup VSAM file.
   • If using VSAM/r14 with a shared security file:
     • VSAMFILE DD statement points to the VSAMCOPY file created by VSAMDEF7
     • VSAMAIX DD statement points to the AIXCOPY file created by VSAMDEF.
     • VSMPATH DD statement points to the PATHCOPY file created by VSAMDEF7
   • Automatic backup is turned OFF (no BACKUP or VSAMBKUP DD statements).

   You now have a backup security file that is at most, 24 hours out‑of‑date.

4. If you are using your only copy of the backup security file and suspect that damage to the security file was caused by a command function update, make a copy of the backup security file with the TSSBCKUP JCL.
5. Enter the command:

   F TSS,RECOVER(OFF)
   

   Recovery is turned off to avoid duplication of TSS command functions on the recovery file resulting from the recovery process.

6. Enter the command:

   START TSSRCVR1,DATA=DATE(yyddd) [,TIME=TIME(hhmm)]
   

   TSSRCVR1 executes.

7. If the TSS command contains the keyword TARGET, when it is placed in the recovery file on the system it was entered, the TARGET keyword will be commented out and replaced with TARGET(=). This prevents duplicate permits on remote nodes when recovery is done on one system.

   TSS TARGET(=,NODE2) PERMIT(USER1) DSNAME(ABC.) ACCESS(READ)
   

   The above example will show up in the output of TSSRCVR1 as:

   TSS TARGET(=) PERMIT(USER1) DSN(ABC.) ACCESS(READ)
   

8. Enter the command:

   TSS ADDTO(STC) PROCNAME(TSSRCVR2) ACID(msca) STCACT
   

   TSSRCVR2 is run under the authority of the MSCA. This ensures that commands will not FAIL due to insufficient authority. The STCACT keyword is optional and has the effect of prompting the operator console for a userid and password when the procedure is started. Finally, this information is written to the Audit file.

9. Enter the command:

   START TSSRCVR2
   

   The changes collected in Step 5 are applied to the backup security file.

10. Use the backup security file to test that the file was properly recovered. Use the TSSB STC and ensure that Automatic Backup and RECOVER are OFF.
11. Enter the command:

    STOP TSS
    

    CA Top Secret stops.

12. If the primary security file still exists on DASD (damage was not a result of hardware problems), skip to Step 12; otherwise, a new security file must be initialized using the TSSMAINT utility. Besides the ID= parameter, the new primary security file that is created must have the same parameter values as the original security file. The id= parameter should be set to ID=PRIMARY.
13. Create a new started task modeled after the TSS STC in which the SECFILE DD statement points to the backup security file, and the BACKUP DD statement points to the primary security file. You can use the following TSSB JCL:

     //TSSB  PROC PARMS='sys1.parmlib',
     //           HL='CAI.TSSC0',
     //           PRINT='*'
     //*
     //*
     //* CA Top Secret SECURITY (TSS) STARTED TASK FOR USE
     //* DURING RECOVERY PROCEDURE ONLY
     //*
     //*
     //TSSB       EXEC   PGM=TSSMNGR4,DPRTY=(15,14),
     //                  TIME=1440,REGION=500K
     //SECFILE    DD     DISP=SHR,DSN=&HL..BACKUP
     //BACKUP     DD     DISP=SHR,DSN=&HL..SECFILE
     //VSAMFILE   DD     DISP=SHR,DSN=&HL..VSAMBKUP
     //VSAMBKUP   DD     DISP=SHR,DSN=&HL..VSAMFILE
     //RECFILE    DD     DISP=SHR,DSN=&HL..RECFILE
     //AUDIT      DD     DISP=SHR,DSN=&HL..AUDIT
     //PARMFILE   DD
       DISP=SHR,FREE=CLOSE,DSN=&PARMS(TSSPARM0).
     //AUTOCMDS   DD    
       DISP=SHR,FREE=CLOSE,DSN=&PARMS(TSSAUTO0).
     //SYSUDUMP   DD     SYSOUT=&PRINT.
     //PEND
    

14. Enter the command:

    START TSSB
    

    CA Top Secret starts using the newly created procedure, TSSB.

15. Enter the command:

    F TSS,BACKUP
    

    An automatic backup is forced.

16. Enter the command:

    STOP TSS
    

    CA Top Secret stops.

CA Top Secret can be restarted using the TSS STC. The primary security file is recovered. Make sure that after restarting, RECOVER is ON.