Documentation Changes

Documentation Changes

The following documentation updates have been made since the last release of this documentation:

• JES Startup Considerations—Updated section to describe changes to the way the product handles JES shutdown and startup.
• CPF Journal Files—Updated section to describe changes to the way the product handles JES shutdown and startup.
• Enable LDS Journaling to Record LDAP Requests—Defined the specific step of omitting the LDSJRNL DD statement from your CA Top Secret started task JCL before starting the LDS journal processing. This setup allows CA Top Secret to dynamically allocate the journal file to SYSOUT after JES becomes active.

The following changes were made in the previous release of this documentation:

• Suspend ACIDs Automatically Based On Inactivity Thresholds—Modified the maximum value for the number of days after which the product prohibits signon for an unused ACID that is connected to an expired password.
• Restricted Administrative Authorities—Described a CASECAUT exception where resource permissions allow an administrator to bypass NEWPW restrictions and expiration interval restrictions enforced by the PWADMIN(YES) control option.
• Required CASECAUT Authorizations for Changing Password Fields—Added CASECAUT entity names for changing PWADMIN(YES) fields.
• Change a User Password—Removed erroneous password restrictions; added information about how an administrator may assign passwords.
• Change Your Own Password—Added content stating that the new password is subject to the restrictions specified in the NEWPW control option; clarified that you need to include the MULTIPW and FACILITY options if the ACID has multiple passwords assigned by facility.
• Enforce Restrictions on Administrator Password Changes—Added this section that describes how to enforce the NEWPW restrictions for these password changes.
• CICSPROD—Added CESL, CISP, CIS1, CJSL, CRST, and CPCT to the bypass list information.
• CICSTEST—Added CESL, CISP, CIS1, CJSL, CRST, and CPCT to the bypass list information.

The following changes were made in the previous release of this documentation:

• Facilities—Added MPC1, OPENMVS, and UNICNTR to the list of facilities for which CA Top Secret provides security.
• Attributes for Activating or Deactivating Generic Prefixing—Clarified that you must use the TSS REPLACE(RDT) command if you want change the GENERIC attribute; corrected syntax for adding the NONGENERIC attribute to a resource class.
• Define a CPF Node in the NDT Record—Updated the topic with information about CPFAUTOUID and CPFAUTOGID.

The following changes were made in the previous release of this documentation:

• Create a User ACID—Corrected command syntax and example syntax, and expanded the description of the password variable.
• Model an ACID with the MODEL Command—Added ASUSPEND/VSUSPEND/PSUSPEND to the list of fields that are not modeled.
• System Predefined Resources—Clarified the restriction regarding changing resource classes to MASK or NOMASK; clarified that you can make changes only to the EXIT, DEFPROT, MERGE, and ALLMERGE attributes.
• Change Non-Maskable Resources to Support Masking—Added this topic, which applies to certain predefined resource classes.
• Generate a Random Password—Added this procedure, which helps improve security by eliminating the need to maintain a list of static passwords.