IBM GC28-1920-01 manual Installation Considerations, Enabling RACF, Networks, Management, Server

Page 51

Chapter 5. Installation Considerations

Chapter 5. Installation Considerations

This chapter describes changes of interest to the system programmer OS/390 Release 2 Security Server (RACF):

ŸEnabling RACF

Ÿ Considerations for RRSF networks

Ÿ Virtual storage considerations

Ÿ Customer additions to the CDT

ŸTemplates

Enabling RACF

When

you install

OS/390

Release

2,

make

sure

that

RACF

is

enabled. If

RACF

initialization

does not complete,

message

IFA104I

is

issued,

and

not

provide

security

for

the

system.

At install time, to enable RACF,

an entry must existxx memberinthe IFAPRD

pointed

to

by

the

PROD=

parameter

inxx thememberIEASYSof

SYS1.PARMLIB.

If you order RACF as part of

the Security

Server

feature

in

OS/390

IFAPRD xx entry should look like this:

PRODUCT OWNER('IBM CORP')

NAME('OS/39ð')

FEATURENAME('Security Server')

ID(5645-ðð1)

VERSION(\)

RELEASE(\)

MOD(\)

STATE(ENABLED)

If

you

make

changes

to

this

member, you must re-IPL the system for

to take effect. RACF does not

respond

to

changes

made

via

the

MVS S

command.

For more information on enabling

and

disabling OS/390RACF,

sSecurity

Server

(RACF) System Programmer's Guide, or the program directory shipped with t

product. For

general

information

on

enabling

products,OS/390 MVS seeProduct

Management .

Considerations

for

RRSF

Networks

OS/390

Release

2

Security Server (RACF)

includes

support

for

multisystem

in RRSF

networks.

(For a

description

of

this support,

see “Multisystem

RRSF

Network”

on

page 9.)

This support

required

a

change

to

the

naming

convention

for

the remote sharing workspace data sets. The

naming

conve

the

workspace

data sets created on a

node

as a

result

of a

TARGE

command

is

now:

prefix.sysname.ds_identity

where:

 Copyright IBM

Corp.

1994,

1996

27

Image 51

Contents Security Server RACF Planning Installation and Migration OS/390Place graphic in this area. Outline is keyline only. DO NOT PRINT Page OS/390 1996. All Second Edition, SeptemberPage Page Migration ContentsAdministration Considerations Customization ConsiderationsAuditing Considerations 10. Application Operational ConsiderationsIndex ChapterPage Figures Page Notices Trademarks xiii How to Use ThisAbout This Book Who Should Use This BookServer Where to Find More InformationSoftcopy Publications Ÿ The OS/390 Security Server RACF Information , PackageSK2T-2180Ÿ Tutorial Options for Tuning GG22RACF Administration, H3927Elements of Security RACF Installation - Student GG24-3971Notes Using thelistserv@uga.cc.uga.edu Other Sources of InformationIBM Discussion Areas Internet SourcesTo Request Copies of PublicationsOS/390 xviiiFeatures V2R5TSO/E ServiceŸ OpenEditionProduct OSA/SFPage Summary of Changes Page Migration Planning Considerations Chapter 1. PlanningMigration Installation Considerations Administration ConsiderationsCustomization Considerations General User Considerations Auditing ConsiderationsOperational Considerations Application Development ConsiderationsPage New and Enhanced Support Chapter 2. Release Overviewintroduced in OS/390 Release OS/390 OpenEdition DCEidentifies functionCheck ConceptsSOMobjects for MVS Authorizing and Auditing Server Access to the CCS and WLM ServicesAuditing the Passing of Access Rights OS/390 OpenEditionsystems Multisystem NodesRRSF Network non-mainOS/390 Enable and Disable Functions YearTARGET Facility NetView1.10 classesthat Function Not Upgradedupdated for identifies functionClass Descriptor Table CDT Components forRelease 3. Summary ofthere Commandslists classes whichChapter 3. Summary of Changes to RACF Components for OS/390 15Release Commandgeneral-use programming interface GUPI data are Data AreasExits lists changedRACF macros MacrosMessages Figure 12 lists changesRACF Database Split/Merge Utility IRRUT400 New MessagesChanged Messages MessagesFigure 13 lists RACF panels that are PanelsPublications Library RoutinesRACROUTE REQUEST=EXTRACT SYS1.SAMPLIBTemplates Figure 16 identifies changes to RACF members of SYS1.SAMPLIBUtilities Figure 18 lists changes to RACF utilities for OS/390 ReleaseTemplate 0280 UtilityMigration Strategy OS/390 Security Server RACF Planning Installation and forMigrationRACF Planning Installation and Migrationfor RACF Chapter 4. Planning ConsiderationsRACF Migration and Planning for RACF RACF Planning Installation and Migrationfor RACF 2.1, andHardware Requirements Software RequirementsCompatibility Compatibility Considerations for Remote SharingRequirements Page Networks Chapter 5. Installation ConsiderationsEnabling RACF Considerationsinstall multisystem R installationconfigured are in your existing workspace data sets when youmust Chapter 5. Installation Considerations29local-lu prefixnodename sysnameprefix.local-node.local-node .INMSG Figure 21 estimates RACF virtual storage usage, for planning purposes RACF Storage ConsiderationsVirtual Storage This section discusses storage considerations for RACFSubpool Customer Additions to the CDTSystem Templates for RACF onOS/390 Release information, OS/390see Security ServerEffects of OS/390 OpenEdition DCE Chapter 6. Customization ConsiderationsExit Processing and IRRSXT00RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01 IRRSXT00 Installation Exitsignon Chapter 7. Administration ConsiderationsServer RACF Security Administrators. Guide Cross-Linking Between RACF UsersDCEUUIDS Class Signon toActivating single signon restrictionsOpenEditionsee DCE Administration .Guide OS/390 OpenEdition DCE Application Considerationsthe DCE Encryption Key OpenEdition Planning, and inOS/390 OpenEdition Programming Assembler Library ReferenceThreads and Changes to RACF Authorization Processing Restrictionscallable servicepthread orsecuritynp Rdceruid Callable Service UtilityEnhancements to the SYSMVIEW Chapter 7. Administration Considerations43Page Server RACF Macros Chapter 8. Auditing ConsiderationsSMF Records Auditors Guide and OS/390Services Auditing New OS/390Interfaces SMF Data Unload Utility Auditing OS/390 OpenEdition DCE SupportAuditing SystemView for MVS Support Report WriterPage Enabling and Disabling CommandOS/390 Security Server RACF Command Language Referencefor more Chapter 9. Operational ConsiderationsPage 01yydddF Chapter 10. Application Development Considerations2000 Support Serverspthread the securitynp New Application Services and SecurityProgramming Interfaces ServiceNew Application Authorization Changes to the Class Descriptor TableŸ “Routines” on page Ÿ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on pageReference for Chapter 11. General UserConsiderations OpenEditionPage After Applying the PTF Chapter 12. NJE ConsiderationsAPAR OW14451 OW08457NODES Actions RequiredOW08457 UACCAPAR OW15408 GROUPFAILSAFE Page RRSF Chapter 13. ScenariosMigrating an Existing NodesprefixTARGET NODEMIAMI2 DELETE prefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVEOn MIAMI2 prefixTARGET NODEORLANDO DELETERACF Diagnosis On ORLANDODELETE Note The prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACEGlossary accessdirection Page Seegeneral-use programming Seeinventoryprogramming Seemultisystem Seelogicallogical supervisory other.single-systemtask segment andDFP classes continued Index Acontinued Page SERVER SFSCMDKEYSMSTR utilitiescontinued Page IBM  Now you can! TheIBM Online Library ProductivityEdition OS/390 Security Server RACF Information Page Page comments Communicating Your Comments to IBMNote Copies Readers Comments - Wed Like to Hear from YouOS/390 Security Server RACF Planning Installation and Migration Publication No. GC28-1920-01IBM MAILREPLY BUSINESSPage IBM Drop in Back Cover Image HereGC28-192ð-ð1