IBM GC28-1920-01 RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01, IRRSXT00 Installation Exit

Page 60

– The first check uses the client ACEE. This is the ACEE that is ass with the current task. If the request is successful, the secon performed.

The second check uses the ACEE associated with the server. This same ACEE that is associated with the address space.

When

each of these checks occurs, the RACF exits ICHRCX01 and ICH

are

invoked.

ŸAuthenticated client ACEE

When

an

authenticated

client

ACEE is used in an

access control decis

this

ACEE

is

used in

the access control decision. Audit records rec

contain

an

additional

relocate

section indicating

that this authorizat

was processed using an ACEE created on behalf of an unauthorized application.

IRRSXT00 Installation Exit

IRRSXT00 is invoked by the SAF callable services router before and aft called. If your system already uses the IRRSXT00 installation exit, yo review this exit to be sure the following are true for the R_dcein callable services:

Ÿ IRRSXT00 is capable of executing in either problem or supervisor st

Ÿ IRRSXT00 does not expect to receive control in a system storage pr key (0-7).

RACROUTE REQUEST=DEFINE Preprocessing Exit (ICHRDX01)

Processing of a RETPD value specified via the RACROUTE REQUEST=DEFINE preprocessing exit has changed. Formerly, a RETPD value specified in an ICHRDX01 exit was not recorded in the profile when a generic profile defined, unless RETPD was also specified via command. Now, a RETPD value

specified

in an

ICHRDX01 exit is picked up. If you do not want the

picked up

when

creating a generic profile, you should modify your ex

RETPD value

only

when processing a tape profile.

36 OS/390 V1R2.0 Security Server (RACF) Planning: Installation and Migration

Page 59 Page 61
Image 60
Page 59 Page 61
Contents Security Server RACF Planning Installation and Migration OS/390Place graphic in this area. Outline is keyline only. DO NOT PRINT Page Security Server RACF Planning Installation and Migration Second Edition, September 1996. AllPage Page Contents MigrationAdministration Considerations Customization ConsiderationsAuditing Considerations Operational Considerations IndexChapter 10. ApplicationPage Figures Page Notices Trademarks How to Use This About This BookWho Should Use This Book xiiiWhere to Find More Information Softcopy PublicationsŸ The OS/390 Security Server RACF Information , PackageSK2T-2180 ServerAdministration, H3927 Elements of Security RACF Installation - Student GG24-3971NotesUsing the Ÿ Tutorial Options for Tuning GG22RACFOther Sources of Information IBM Discussion AreasInternet Sources listserv@uga.cc.uga.eduPublications To Request Copies ofOS/390 xviiiFeatures ServiceŸ OpenEdition ProductOSA/SF V2R5TSO/EPage Summary of Changes Page Migration Planning Considerations Chapter 1. PlanningMigration Installation Considerations Administration ConsiderationsCustomization Considerations Auditing Considerations Operational ConsiderationsApplication Development Considerations General User ConsiderationsPage Chapter 2. Release Overview New and Enhanced SupportOS/390 OpenEdition DCE identifiesfunction introduced in OS/390 ReleaseConcepts CheckAuthorizing and Auditing Server Access to the CCS and WLM Services Auditing the Passing of Access RightsOS/390 OpenEdition SOMobjects for MVSMultisystem Nodes RRSF Networknon-main systemsOS/390 Enable and Disable Functions YearTARGET NetView 1.10classes FacilityFunction Not Upgraded updated foridentifies function thatComponents for Release3. Summary of Class Descriptor Table CDTCommands lists classeswhich thereCommand Chapter 3. Summary of Changes to RACF Components for OS/390 15ReleaseData Areas Exitslists changed general-use programming interface GUPI data areMacros MessagesFigure 12 lists changes RACF macrosNew Messages Changed MessagesMessages RACF Database Split/Merge Utility IRRUT400Panels Publications LibraryRoutines Figure 13 lists RACF panels that areSYS1.SAMPLIB TemplatesFigure 16 identifies changes to RACF members of SYS1.SAMPLIB RACROUTE REQUEST=EXTRACTUtilities Figure 18 lists changes to RACF utilities for OS/390 ReleaseTemplate Utility 0280OS/390 Security Server RACF Planning Installation and forMigration RACF Planning Installation and Migrationfor RACFChapter 4. Planning Considerations Migration StrategyRACF Planning Installation and Migrationfor RACF 2.1, and Hardware RequirementsSoftware Requirements RACF Migration and Planning for RACFCompatibility Compatibility Considerations for Remote SharingRequirements Page Chapter 5. Installation Considerations Enabling RACFConsiderations Networksinstallation configuredare in your existing workspace data sets when you install multisystem RChapter 5. Installation Considerations29 mustprefix nodenamesysname local-luprefix.local-node.local-node .INMSG RACF Storage Considerations Virtual StorageThis section discusses storage considerations for RACF Figure 21 estimates RACF virtual storage usage, for planning purposesCustomer Additions to the CDT SubpoolTemplates for RACF on OS/390 Releaseinformation, OS/390see Security Server SystemChapter 6. Customization Considerations Exit Processingand IRRSXT00 Effects of OS/390 OpenEdition DCEIRRSXT00 Installation Exit RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01Chapter 7. Administration Considerations Server RACF Security Administrators. GuideCross-Linking Between RACF Users signonDCEUUIDS Class Signon toActivating single signon restrictionsOpenEditionsee DCE Administration .Guide OS/390 OpenEdition DCE Application Considerationsthe DCE Encryption Key OpenEdition Planning, and inOS/390 OpenEdition Programming Assembler Library ReferenceThreads and Changes to RACF Authorization Processing Restrictionscallable servicepthread orsecuritynp Rdceruid Callable Service UtilityEnhancements to the Chapter 7. Administration Considerations43 SYSMVIEWPage Chapter 8. Auditing Considerations SMF RecordsAuditors Guide and OS/390 Server RACF MacrosServices Auditing New OS/390Interfaces Auditing OS/390 OpenEdition DCE Support Auditing SystemView for MVS SupportReport Writer SMF Data Unload UtilityPage Command OS/390 Security Server RACF Command Language Referencefor moreChapter 9. Operational Considerations Enabling and DisablingPage Chapter 10. Application Development Considerations 2000 SupportServers 01yydddFNew Application Services and Security pthread the securitynpService New Application AuthorizationChanges to the Class Descriptor Table Programming InterfacesŸ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on page Ÿ “Routines” on pageChapter 11. General User ConsiderationsOpenEdition Reference forPage Chapter 12. NJE Considerations APAR OW14451OW08457 After Applying the PTFActions Required OW08457UACC NODESAPAR OW15408 GROUPFAILSAFE Page Chapter 13. Scenarios Migrating an ExistingNodes RRSFprefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVE On MIAMI2prefixTARGET NODEORLANDO DELETE prefixTARGET NODEMIAMI2 DELETERACF Diagnosis On ORLANDODELETE prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACE Note TheGlossary accessdirection Page Seegeneral-use programming Seeinventoryprogramming Seelogical Seemultisystemlogical other.single-system supervisorytask segment andDFP Index A classes continuedcontinued Page SERVER SFSCMDKEYSMSTR utilitiescontinued Page IBM  Now you can! TheIBM Online Library ProductivityEdition OS/390 Security Server RACF Information Page Page Communicating Your Comments to IBM commentsReaders Comments - Wed Like to Hear from You OS/390 Security Server RACF Planning Installation and MigrationPublication No. GC28-1920-01 Note CopiesMAIL REPLYBUSINESS IBMPage IBM Drop in Back Cover Image HereGC28-192ð-ð1
Top Page Image Contents