Modifying the ADMINIDS list
The ADMINIDS DD statement is used to define a dataset(s) that contains a list of userids that will be permitted to have password reset requests that are being made for third party userids (i.e. - not their own) forwarded to the Bravura Pass server for strength validation and synchronization. At Mainframe Connector startup, the contents of the ADMINIDS datasets(s) are copied to an in-storage list which exists, and governs ADMINIDS-related processing, while Mainframe Connector is active.
A number of operator commands are available to dynamically influence the contents of this list and how it is to be interpreted.
Adding a userid to the ADMINIDS list
The MODIFY command can be used to dynamically add a userid to the list of ADMINIDS.
Syntax:
MODIFY mfc ,ADD,ADMINID= userid F mfc ,ADD,ADMINID= userid
Where ’userid’ indicates the administrator userid that should be added to the ADMINIDS list. Optional Run-time parameters describes acceptable syntax for userid.
If ADMINIDS datasets(s) were absent from the Mainframe Connector startup JCL, the first ADD command will dynamically create an in-storage ADMINIDS list as described previously.
Removing a userid from the ADMINIDS list
The MODIFY command can be used to dynamically remove a userid from the list of ADMINIDS.
Syntax:
MODIFY mfc ,DEL,ADMINID= userid F mfc ,DEL,ADMINID= userid
Where ’userid indicates the administrator userid that should be removed from the ADMINIDS list.
If the specified userid is not currently included in the ADMINIDS list, a message is issued and processing continues.
Disabling an active ADMINIDS list
The MODIFY command can be used to dynamically disable an active list of ADMINIDS.
Syntax:
MODIFY mfc ,DEACTIVATE,ADMINIDS F mfc ,DEACTIVATE,ADMINIDS
Using this command will disable administrator-issued password resets from being sent to the Bravura Pass server for validation and synchronization.
If ADMINIDS list processing is not currently active, a message is issued and processing continues.
Enabling a deactivated ADMINIDS list
The MODIFY command can be used to dynamically enable a deactivated list of ADMINIDS.
Syntax:
MODIFY mfc,REACTIVATE,ADMINIDS F mfc ,REACTIVATE,ADMINIDS
Using this command will re-enable administrator-issued password resets being sent to the Bravura Pass server for validation and synchronization. Only resets by those administrator userids in the list will be processed.
If ADMINIDS list processing is already active or did not previously exist, a message is issued and processing continues.
Reloading the ADMINIDS list
The MODIFY command can be used to reload the list of ADMINIDS from the ADMINIDS DD dataset concatenation.
Syntax:
MODIFY mfc ,RELOAD,ADMINIDS F mfc ,RELOAD,ADMINIDS
Using this command causes Mainframe Connector to create a new copy of the ADMINIDS list from the current contents of the datasets in the ADMINIDS DD concatenation. This command permits sites to update their static ADMINIDS datasets and activate the contents of those datasets dynamically. To get the expected results, the ADMINIDS DD concatenation must be kept to a maximum of 32 DD statements.
If no ADMINIDS list processing was active, a message is issued and processing continues.
Note that RELOAD will nullify updates resulting from any prior ADD or DEL commands issued against the ADMINIDS list unless the ADMINIDS dataset(s) are updated as well (eg. - via ISPF EDIT) to reflect the ADD or DEL changes prior to issuance of the RELOAD.