Skip to main content

TopSecret

Similarily for TopSecret, the userid that the Mainframe Connector subsystem will run under needs appropriate OMVS definitions. As well, the userid should also be assigned with NOSUBCHK and MAINTAIN as follows:

TSS ADD(mfc_id) UID(999999)

TSS ADD(mfc_id) NOSUBCHK

TSS ADMIN(mfc_id) ACID(MAINTAIN)

To prevent online access with the mfc_id the SOURCE(INTRDR) restriction is also recommended. This can be assigned as follows:

TSS ADD(mfc_id) SOURCE(INTRDR)

The TopSecret started task table should be updated to include the Mainframe Connector started task procedure name and corresponding mfc_id .

The Mainframe Connector started task will also require a TopSecret master facility. This can be set up in one of the available user facility definitions as follows:

TSS MODIFY FAC(USERnn=NAME=facname)

TSS MODIFY FAC(facname=PGM=PSN)

' nn ' represents an available user facility and ' facname ' represents the facility name. An example definition may look like:

TSS MODIFY FAC(USER43=NAME=MFC)

TSS MODIFY FAC(MFC=PGM=PSN)

The master facility can be assigned to the Mainframe Connector userid as follows:

TSS ADD(mfc_id) MASTFAC(facname)

for example:

TSS ADD(MFCX) MASTFAC(MFC)

All userids that will be managed by the Bravura Security Fabric server should be set up with access to the MFC facility. This would be done as follows:

TSS ADD(acid) FAC(facname)

for example:

TSS ADD(DBAUSR1) FAC(MFC)

In order to support SUSPEND reset capability as specified by the PSNCUX01 and PSNCUX04 user exits and to support inbound enable and disable requests, the Mainframe Connector started task userid must be granted the appropriate authority. This is done as follows:

TSS ADMIN(mfc_id) MISC1(SUSPEND)

TSS ADMIN(mfc_id) MISC8(REMASUSP)

The TYPE assigned to the Mainframe Connector started task userid must be set to a value that will allow Mainframe Connector to perform administrative functions against incoming userids appropriately. For example, if the Mainframe Connector started task userid has been created with TYPE(USER) it will not be able to perform administrative functions for a userid that has been created with TYPE(LSCA) .

In order to support the ability to add or remove ACIDs to or from a GROUP or PROFILE, the Mainframe Connector started task userid will require the CONSOLE attribute. This is done as follows:

TSS ADD(mfc_id) CONSOLE
In this section: