Skip to main content

Additional Authorization Requirements

Access to datasets

The appropriate z/OS security subsystem (i.e. - RACF, ACF2, or TopSecret) access must also be established for any dataset that will be referenced by the Mainframe Connector startup procedure.

SERVAUTH security class

Profile EZB.STACKACCESS.sysname.tcpname is used by Mainframe Connector to gain access to TCP/IP. You must ensure that the Mainframe Connector started task userid has at least read access to EZB.STACKACCESS.sysname.tcpname where sysname is the value of the &SYSNAME variable on the system you will be running Mainframe Connector on and tcpname is the started task name of the TCP/IP stack that Mainframe Connector will be communicating through.

RACF definition

To grant access to the EZB.STACKACCESS.sysname.tcpname profile in RACF environments, issue the following commands:

RDEFINE SERVAUTH (EZB.STACKACCESS.sysname.tcpname) UACC(NONE)

PERMIT EZB.STACKACCESS.sysname.tcpname CLASS(SERVAUTH) -
       ACCESS(READ) ID(mfc_id)
   

SETROPTS RACLIST(SERVAUTH) REFRESH

ACF2 definition

To grant access to the EZB.STACKACCESS.sysname.tcpname profile in ACF2 environments, issue the following from the ACF command prompt:

SET RESOURCE(SER)

COMPILE*

$KEY(EZB) TYPE(SER)

STACKACCESS.sysname.tcpname UID(mfc_id) SERVICE(READ) ALLOW

STORE

TopSecret definition

To grant access to the EZB.STACKACCESS.sysname.tcpname profile in TopSecret environments, issue the following commands:

TSS ADD(owning_acid) SERVAUTH(EZB.)

TSS PERMIT(mfc_id) SERVAUTH(EZB.STACKACCESS.) ACCESS(READ)
In this section: