Previous Topic: CA 7 As Cross-Platform Client and Agent JobsNext Topic: CA 7 As Cross-Platform Client and CA7TOUNI Jobs

Security Implementation ConsiderationsSecurity Considerations for Cross-Platform SchedulingCA 7 as Cross-Platform Client and XPJOBs

CA 7 as Cross-Platform Client and XPJOBs

Using XPJOB definitions, sites can take advantage of the hierarchical security designed especially for these jobs. The XPDEF file initialization statement PSWDLOC keyword defines the four supported security modes. The following are the modes:

DATABASE

Creates an owner security record in the database using the XPSWD command. User ID, password, and domain information can be associated to the owner. Any XPJOB definition containing the same owner uses the information in this record when building the request to transmit to the remote operating environment. Password information provided using the XPSWD command is encrypted and nondisplayable.

OWNER

Uses the OWNER field in the XPJOB definition as the user ID that is passed to the remote node. No password or domain information is provided.

NODE

Creates a node security record in the database using the XPSWD command. User ID, password, and domain information can be associated to the node. Any XPJOB definition containing the same node uses the information in this record when building the request to transmit to the remote operating environment. Password information provided using the XPSWD command is encrypted and nondisplayable.

USER

Supplies SUBUSER and SUBPASS information in an external file associated to the XPJOB definition. You can use the standard facilities of your MVS security system to secure this external file for READ and WRITE access.

The DATABASE and NODE modes are the most secure. In addition, they provide an alternative to supplying a user ID and password to each job definition. With these two modes, all XPJOBs whose OWNER or NODE match a DATABASE or NODE security record use the information in that security record.

Note: For more information about the XPDEF PSWDLOC statement, see the Systems Programming Guide. For more information about the XPSWD command, see the Database Maintenance Guide.

If you want to supply the user ID of ROOT, create an XPSWD Owner or Node security record. In addition, the SUBROOT keyword of the XPDEF file initialization statement must be set to Y.

XPJOB definitions are defined, scheduled, and/or demanded in the same manner as any other CA WA CA 7 Edition batch job. A user ID is always passed to the target system with password and domain being optional. The source of this information is dependent upon the XPDEF PSWDLOC file initialization statement definition.