Activate Your New Primary and Backup Security Files (Non-Shared Environment)

After you recover security file data, activate your new primary and backup security files.

Summary of steps:

  1. Run TSSMAINS to re-create security files.
  2. Create and start temporary started task TSSN.
  3. Force an immediate backup.
  4. Restart CA Top Secret.
  5. Verify that a RECOVER control option setting of ON is in effect.

Important! This procedure is for environments that use a non-shared security file (SHRFILE=NO). Separate instructions are available to activate the files in an environment that uses a shared security file.

Follow these steps:

  1. Initialize a new security file.

    Note: The new security file and backup file must be on different volumes. The new primary security file must have the same parameter values as the original security file. The ID parameter should be set to ID=PRIMARY.

    1. Rename and save the corrupted security file elsewhere before deleting it.
    2. Run job VSAMDEF3 to allocate a new primary VSAM file.

      Note: Skip step 2.

    3. Run the TSSMAINS utility to create the security file for your system.

    Your new security file is initialized.

  2. Create started task TSSN:
    1. Model TSSN after the TSSB started task procedure, in which the SECFILE DD statement points to the backup security file and the BACKUP DD statement points to the primary security file. You can use the following JCL as a model:
      //TSS  PROC PARMS='SYS1.PARMLIB',
      //           HL='CAI.TSSC0',
      //           PRINT='*'
      //*
      //*
      //* CA Top Secret SECURITY (TSS) STARTED TASK FOR USE
      //* DURING RECOVERY PROCEDURE ONLY
      //*
      //*
      //TSSB       EXEC   PGM=TSSMNGR4,DPRTY=(15,14),
      //                  TIME=1440,REGION=500K
      //SECFILE    DD     DISP=SHR,DSN=&HL..BACKUP
      //BACKUP     DD     DISP=SHR,DSN=&HL..SECFILE
      //VSAMFILE   DD     DISP=SHR,DSN=&HL..VSAMCOPY (VSAMDEF7)
      //VSAMBKUP   DD     DISP=SHR,DSN=&HL..VSAMFILE (VSAMDEF3)
      //RECFILE    DD     DISP=SHR,DSN=&HL..RECFILE
      //AUDIT      DD     DISP=SHR,DSN=&HL..AUDIT
      //PARMFILE   DD     DISP=SHR,FREE=CLOSE,DSN=&PARMS(TSSPARM0)
      //AUTOCMDS   DD     DISP=SHR,FREE=CLOSE,DSN=&PARMS(TSSAUTO0)
      //SYSUDUMP   DD     SYSOUT=&PRINT.
      //PEND
      
    2. Save your new started task as a new member in the SYS1.PROCLIB data set (for example, SYS1.PROCLIB(TSSN)).
  3. Restart the product with the TSSN temporary started task procedure:
    1. Stop the product:
      P TSS
      
    2. Start the product:
      S TSSN,,,REINIT
      

    The restarted product now uses the newly created procedure.

  4. Force an immediate backup:
    F TSS,BACKUP
    
  5. Restart the product again with the normal started task:
    1. Stop the product:
      STOP TSS
      
    2. Start the product by using the TSS started task:
      S TSS
      

    The primary security file is recovered, with the original security file and VSAM names.

  6. Issue the following command to confirm that a RECOVER control option setting of ON is in effect:
    TSS MODI STATUS
    

    Active recovery file status information indicates that the RECOVER option is ON. Absence of the status information indicates that the option is OFF, in which case you can activate the option.

    You have successfully recovered from the security file failure.

Recover Data for a Shared Security File (SHRFILE=YES)

Security file recovery occurs in two phases:

Important! If the security file is compromised and the CA Top Secret address space stays up, ensure that your backup started task JCL is current prior to shutting down the address space.

Summary of steps:

  1. Back up the security file and VSAM file.
  2. Run VSAMDEF7.
  3. Edit and start TSSB.
  4. Execute the recovery procedure.

Important! This procedure assumes you have implemented automatic backup (control option BACKUP) with command recovery (control option RECOVER(ON)). Additionally, this procedure is for environments that use a shared security file (SHRFILE=YES). A separate procedure exists to recover data for a non-shared security file.

The goal of this recovery scenario is to forward recover security files, ending up with the same data set names, enabling you to recover without changing the live TSS started task.

Follow these steps:

  1. Back up the damaged security file and VSAM file (using DFSMS, FDR, or similar software).

    This information might be needed by CA Support later to determine what problems caused the security file failure.

  2. Run CAIJCL member VSAMDEF7 (using the VSAM backup file as input) to create new VSAM, PATH, and AIX files.
  3. Edit the TSSB backup started task procedure and restart the product with TSSB:
    1. Edit TSSB so that it has the following characteristics:
      • The SECFILE DD statement points to the backup security file for the security file that failed.

        Important! If you are using your only copy of the backup security file and suspect that a command function update damaged the security file, make a copy of the backup security file by running the TSSBCKUP or SMSBCKUP procedure JCL.

      • The VSAMFILE DD statement points to the VSAMCOPY file created by VSAMDEF7.
      • The VSMPATH DD statement points to the PATHCOPY file created by VSAMDEF7.
      • The VSAMAIX DD statement points to the AIXCOPY file created by VSAMDEF7.
      • Automatic backup is turned OFF (no BACKUP or VSAMBKUP DD statements).

      Example of TSSB Started Task Procedure

      //TSSB  PROC PARMS='SYS1.PARMLIB',
      //           HL='CAI.TSSC0',
      //           PRINT='*'
      //*
      //*
      //* CA Top Secret SECURITY (TSS) STARTED TASK FOR USE
      //* DURING RECOVERY PROCEDURE ONLY
      //*
      //*
      //TSSB       EXEC   PGM=TSSMNGR4,DPRTY=(15,14),
      //                  TIME=1440,REGION=500K
      //SECFILE    DD     DISP=SHR,DSN=&HL..BACKUP
      //VSAMFILE   DD     DISP=SHR,DSN=&HL..VSAMCOPY
      //VSAMAIX    DD     DISP=SHR,DSN=&HL..AIXCOPY
      //VSMPATH    DD     DISP=SHR,DSN=&HL..PATHCOPY  
      //RECFILE    DD     DISP=SHR,DSN=&HL..RECFILE
      //AUDIT      DD     DISP=SHR,DSN=&HL..AUDIT
      //PARMFILE   DD     DISP=SHR,FREE=CLOSE,DSN=&PARMS(TSSPARM0)
      
    2. Stop the product on all shared systems:
      P TSS
      
    3. Start the TSSB started task procedure on only one system:
      S TSSB
      

      Running TSSB ensures that you have a security file that is no more than 24 hours out of date. This should let most operations continue normally without an outage while you continue the recovery process.

  4. Execute the recovery procedure:
    1. Turn off recovery (to avoid duplication of TSS command functions on the recovery file resulting from the recovery process):
      F TSS,RECOVER(OFF)
      
    2. Retrieve recovery file changes:
      S TSSRCVR1,DTE=DATE(yyddd)[,TME=TIME(hhmm)]
      
      hhmm

      Specifies the hour and minute for selecting recovery records. This value should be the time of the last security file backup.

      yyddd

      Specifies the earliest date for selecting recovery records.

      TSSRCVR1 retrieves the changes.

      A TSS command can contain the keyword TARGET. When placed in the recovery file on the system where it was entered, the TARGET keyword is commented out and replaced with TARGET(=). This change prevents duplicate permits on remote nodes when recovery is done on one system.

      Example: Replacing the TARGET Keyword

      In this example, you specify the following command:

      TSS TARGET(=,NODE2) PERMIT(USER1) DSNAME(ABC.) ACCESS(READ)
      

      In the output of TSSRCVR1, the command appears as follows:

      TSS TARGET(=) PERMIT(USER1) DSN(ABC.) ACCESS(READ)
      
    3. Add the TSSRCVR2 procedure to the product started task table:
      TSS ADDTO(STC) PROCNAME(TSSRCVR2) ACID(msca) STCACT
      

      To ensure that commands do not fail due to insufficient authority, TSSRCVR2 runs under Master Security Control ACID (MSCA) authority. The optional STCACT keyword prompts the operator console for a user ID and password when the procedure is started. The ID is written to the audit file.

    4. Start TSSRCVR2:
      S TSSRCVR2
      

      The changes that TSSRCVR1 collected are applied to the backup security file. You have recovered data.

Activate Your New Primary and Backup Security Files (Shared Environment)

After you recover security file data, activate your new primary and backup security files.

Summary of steps:

  1. Run TSSMAINS to re-create the security file.
  2. Create and start temporary started task TSSN.
  3. Force an immediate backup.
  4. Recycle CA Top Secret on a single system.
  5. Verify that a RECOVER control option setting of ON is in effect.
  6. Restart CA Top Secret on all shared systems.

Important! This procedure is for environments that use a shared security file (SHRFILE=YES). Separate instructions are available to activate the files in an environment that uses a non-shared security file.

Follow these steps:

  1. Initialize a new security file.

    Note: The new primary security file must have the same parameter values as the original security file. The ID parameter should be set to ID=PRIMARY.

    1. Rename and save the corrupted security file and VSAM file elsewhere before deleting them.
    2. Run VSAMDEF7 (to create a new primary VSAM file), ensuring the following setup:
      • As input, use the VSAM files that were created when you ran VSAMDEF7 when recovering security file data.
      • Under step 3 in the VSAMDEF7 JCL, change the DD1 and DD2 DD statements to match the following specifications:
        //DD1       DD DISP=SHR,DSN=IDSXV$P.PO.TSSHO43.VSAMCOPY
        //DD2       DD DISP=SHR,DSN=IDSXV$P.PO.TSSHO43.VSAMFILE
        
    3. Run VSAMDEF6 to create a throwaway VSAM file.
    4. Run the TSSMAINS utility to create the security file for your system.

      Note: TSSMAINS is run here with a throwaway VSAM file. Doing so satisfies a requirement in TSSMAINS so that we can continue to create a BDAM file.

      Example of TSSMAINS

      //TSSMAINS     EXEC     PGM=TSSMAINT
      //MAINTOUT     DD       SYSOUT=*
      //SECFILE      DD       DSN=Original SECFILE NAME ,           
      //             SPACE=(XXXX,(XXXX),RLSE,CONTIG),               
      //             UNIT=3390,DISP=(,CATLG,DELETE),VOL=SER=XXXXXX, 
      //             DCB=(KEYLEN=17,BLKSIZE=27648)                  
      //VSAMFILE    DD   DISP=SHR,DSN=VSAM file from VSAMDEF6       
      //MAINTIN      DD       *  
      CREATE SECURITY     
      ACCESSORS=40000     
      VOLUMES=3000        
      BLOCKSIZE=27648     
      MAXACIDSIZE=512     
      RESBLOCKS=50        
      SCA=XXXXXXXX/ZZZZZZZZ  
      ID=PRIMARY          
      INITVSAM=DIGICERT   
      /*                                                   
      
  2. Create a started task (TSSN):
    1. Model TSSN after the TSS started task, in which the SECFILE DD statement points to the backup security file and the BACKUP DD statement points to the primary security file.

      Note: The VSAM files that you reference in TSSN should be the files that were created when you ran VSAMDEF7 earlier in this procedure.

      You can use the following JCL as an example to create TSSN:

      //TSS  PROC PARMS='SYS1.PARMLIB',
      //           HL='CAI.TSSC0',
      //           PRINT='*'
      //*
      //*
      //* CA Top Secret SECURITY (TSS) STARTED TASK FOR USE
      //* DURING RECOVERY PROCEDURE ONLY
      //*
      //*
      //TSSB       EXEC   PGM=TSSMNGR4,DPRTY=(15,14),
      //                  TIME=1440,REGION=500K
      //SECFILE    DD     DISP=SHR,DSN=&HL..BACKUP
      //BACKUP     DD     DISP=SHR,DSN=&HL..SECFILE
      //VSAMFILE   DD     DISP=SHR,DSN=&HL..VSAMFILE 
      //VSAMAIX    DD     DISP=SHR,DSN=&HL..VSAMAIX  
      //VSAMPATH   DD     DISP=SHR,DSN=&HL..VSAMPATH 
      //VSAMBKUP   DD     DISP=SHR,DSN=&HL..VSAMBKUP
      //RECFILE    DD     DISP=SHR,DSN=&HL..RECFILE
      //AUDIT      DD     DISP=SHR,DSN=&HL..AUDIT
      //PARMFILE   DD     DISP=SHR,FREE=CLOSE,DSN=&PARMS(TSSPARM0)
      //AUTOCMDS   DD     DISP=SHR,FREE=CLOSE,DSN=&PARMS(TSSAUTO0)
      //SYSUDUMP   DD     SYSOUT=&PRINT.
      //PEND
      
    2. Save your new started task as a member in the SYS1.PROCLIB data set (for example, SYS1.PROCLIB(TSSN)).
  3. Restart the product with the TSSN temporary started task:
    1. Stop the product:
      P TSS
      
    2. Start the product:
      S TSSN,,,REINIT
      

    The restarted product now uses the newly created procedure.

  4. Force an immediate backup:
    F TSS,BACKUP
    
  5. Restart the product again on a single system with the standard TSS started task:
    1. Stop the product:
      P TSS
      
    2. Start the product by using your standard TSS started task:
      S TSS
      

    The primary security file is recovered, with the original security file and VSAM names.

  6. Issue the following command to confirm that a RECOVER control option setting of ON is in effect:
    TSS MODI STATUS
    

    Active recovery file status information indicates that the RECOVER option is ON. Absence of the status information indicates that the option is OFF, in which case you can activate the option.

  7. Restart CA Top Secret on all shared systems.

    You have successfully recovered from the security file failure.
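
A pre-start check for the two temporary procedures described above, TSSB (recovery, shared file) and TSSN (activation, shared or non-shared), as an added Python example that is not CA code: it parses the DD statements and reports any that break the rules the steps state. The names `parse_dds` and `lint`, the rule tables and the sample JCL are constructed for illustration; the data set names follow the page's model JCL and are assumptions about your site.

```python
import re

# A DD statement that names a data set; "//*" comments and continuation
# lines (no DD name after "//") do not match.
DD_RE = re.compile(r"^[ \t]*//([A-Z0-9$#@]+)[ \t]+DD[ \t]+.*?\bDSN=([^,\s]+)", re.M)

# Requirements taken from the procedure text. Data set names follow the
# page's model JCL (&HL..BACKUP and so on); substitute your site's names.
TSSB_RULES = {  # recovery phase, shared security file
    "require": {"SECFILE": "&HL..BACKUP", "VSAMFILE": "&HL..VSAMCOPY",
                "VSMPATH": "&HL..PATHCOPY", "VSAMAIX": "&HL..AIXCOPY"},
    "forbid": ["BACKUP", "VSAMBKUP"],  # automatic backup must be off
}
TSSN_RULES = {  # activation phase: SECFILE and BACKUP are deliberately swapped
    "require": {"SECFILE": "&HL..BACKUP", "BACKUP": "&HL..SECFILE"},
    "forbid": [],
}

def parse_dds(jcl):
    """Return {ddname: dsn} for each DD statement that names a data set."""
    return dict(DD_RE.findall(jcl))

def lint(jcl, rules):
    """Return a list of findings; an empty list means the procedure conforms."""
    dds, findings = parse_dds(jcl), []
    for dd, want in rules["require"].items():
        got = dds.get(dd)
        if got is None:
            findings.append(f"{dd}: DD statement missing")
        elif got != want:
            findings.append(f"{dd}: DSN={got}, expected {want}")
    findings += [f"{dd}: must not be present" for dd in rules["forbid"] if dd in dds]
    return findings

# Constructed sample: a TSSN copied from the normal TSS procedure without
# swapping SECFILE and BACKUP.
BAD_TSSN = """\
//TSSN     PROC HL='CAI.TSSC0'
//* temporary started task
//TSSN     EXEC PGM=TSSMNGR4,TIME=1440
//SECFILE  DD   DISP=SHR,DSN=&HL..SECFILE
//BACKUP   DD   DISP=SHR,DSN=&HL..BACKUP
//RECFILE  DD   DISP=SHR,DSN=&HL..RECFILE
"""

if __name__ == "__main__":
    for finding in lint(BAD_TSSN, TSSN_RULES):
        print(finding)
```

Run it against the member you saved in SYS1.PROCLIB before issuing the start command; any finding means the procedure does not match the DD layout the steps call for.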