IBM GC28-1920-01 manual APAR OW15408, Server, Racf, Security, Group, Failsafe

Page 83
GROUP

List

all

GROUPJ

and

GROUPS

NODES profiles

that

have a UACC value grea

than

or equal to READ, recording

the

profile

names and all keywords n

add

them

back

later. Then

delete

them. These

profiles

were

previousl

but

now

could

result

in failing jobs or unowned

SYSOUT.

Note that

GROU

GROUPS

NODES

profiles

with a

UACC

value

of

NONE

already

worked

and

sti

work

as

documented.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step

2:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Create the NODES profile *.GROUP%.* with UACC(READ) and

 

 

 

 

ADDMEM(&DFLTGRP), then do any necessary refresh

of in-storage profiles.

profile

causes

RACF

to use the default group

for

NJE

verification,

has

been propagated and possibly translated. This profile acts

as a

all

other

GROUP

NODES

profiles

have

been verified.

 

 

 

 

Step

3:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Add

more specific GROUP NODES profiles. Perhaps you are adding GROUP

NODES

profiles

for the

first OS/390time; Securitysee

Server

(RACF)

Security

 

 

Administrator's Guidefor their intended uses and

externals. Take

note

of

batch job

failures

or

SYSOUT

owners

assigned

by

SYSOUT

FAILSAFE

proces

(SYSOUT message IRR808I will be displayed). Correct any problems in y profiles to accurately reflect corresponding users and groups on the nodes.

Step 4:

When your installation is confident that the GROUP profiles are set change the one from step 2 to a UACC(NONE) with no ADDMEM. This generic profile now fails jobs or disowns SYSOUT when a more specific profile

APAR OW15408

If you are using NODES class

profilesnodeidof.RUSERthe.nodeidform

to allow

JOBs

to

enter

a

node, you

can

remove

those RUSER

nodes

profiles. T

NODES

profile

has

been

used

as

a problem bypass

by

users, to allow

a second

NJE

Job

into

the

JES

internal

reader

using

two

/*XEQs.

Chapter 12. NJE Considerations59

Page 82 Page 84
Image 83
Page 82 Page 84
Contents Place graphic in this area. Outline is keyline only. DO NOT PRINT Security Server RACF Planning Installation and MigrationOS/390 Page OS/390 1996. All Second Edition, SeptemberPage Page Migration ContentsAuditing Considerations Administration ConsiderationsCustomization Considerations 10. Application Operational ConsiderationsIndex ChapterPage Figures Page Notices Trademarks xiii How to Use ThisAbout This Book Who Should Use This BookServer Where to Find More InformationSoftcopy Publications Ÿ The OS/390 Security Server RACF Information , PackageSK2T-2180Ÿ Tutorial Options for Tuning GG22RACF Administration, H3927Elements of Security RACF Installation - Student GG24-3971Notes Using thelistserv@uga.cc.uga.edu Other Sources of InformationIBM Discussion Areas Internet SourcesTo Request Copies of PublicationsFeatures OS/390xviii V2R5TSO/E ServiceŸ OpenEditionProduct OSA/SFPage Summary of Changes Page Migration Migration Planning ConsiderationsChapter 1. Planning Customization Considerations Installation ConsiderationsAdministration Considerations General User Considerations Auditing ConsiderationsOperational Considerations Application Development ConsiderationsPage New and Enhanced Support Chapter 2. Release Overviewintroduced in OS/390 Release OS/390 OpenEdition DCEidentifies functionCheck ConceptsSOMobjects for MVS Authorizing and Auditing Server Access to the CCS and WLM ServicesAuditing the Passing of Access Rights OS/390 OpenEditionsystems Multisystem NodesRRSF Network non-mainTARGET OS/390 Enable and Disable FunctionsYear Facility NetView1.10 classesthat Function Not Upgradedupdated for identifies functionClass Descriptor Table CDT Components forRelease 3. Summary ofthere Commandslists classes whichChapter 3. Summary of Changes to RACF Components for OS/390 15Release Commandgeneral-use programming interface GUPI data are Data AreasExits lists changedRACF macros MacrosMessages Figure 12 lists changesRACF Database Split/Merge Utility IRRUT400 New MessagesChanged Messages MessagesFigure 13 lists RACF panels that are PanelsPublications Library RoutinesRACROUTE REQUEST=EXTRACT SYS1.SAMPLIBTemplates Figure 16 identifies changes to RACF members of SYS1.SAMPLIBTemplate UtilitiesFigure 18 lists changes to RACF utilities for OS/390 Release 0280 UtilityMigration Strategy OS/390 Security Server RACF Planning Installation and forMigrationRACF Planning Installation and Migrationfor RACF Chapter 4. Planning ConsiderationsRACF Migration and Planning for RACF RACF Planning Installation and Migrationfor RACF 2.1, andHardware Requirements Software RequirementsRequirements CompatibilityCompatibility Considerations for Remote Sharing Page Networks Chapter 5. Installation ConsiderationsEnabling RACF Considerationsinstall multisystem R installationconfigured are in your existing workspace data sets when youmust Chapter 5. Installation Considerations29local-lu prefixnodename sysnameprefix.local-node.local-node .INMSG Figure 21 estimates RACF virtual storage usage, for planning purposes RACF Storage ConsiderationsVirtual Storage This section discusses storage considerations for RACFSubpool Customer Additions to the CDTSystem Templates for RACF onOS/390 Release information, OS/390see Security ServerEffects of OS/390 OpenEdition DCE Chapter 6. Customization ConsiderationsExit Processing and IRRSXT00RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01 IRRSXT00 Installation Exitsignon Chapter 7. Administration ConsiderationsServer RACF Security Administrators. Guide Cross-Linking Between RACF UsersActivating DCEUUIDS ClassSignon to the DCE Encryption Key single signon restrictionsOpenEditionsee DCE Administration .GuideOS/390 OpenEdition DCE Application Considerations Threads and OpenEdition Planning, and inOS/390 OpenEdition Programming AssemblerLibrary Reference callable servicepthread orsecuritynp Changes to RACF Authorization ProcessingRestrictions Enhancements to the Rdceruid Callable ServiceUtility SYSMVIEW Chapter 7. Administration Considerations43Page Server RACF Macros Chapter 8. Auditing ConsiderationsSMF Records Auditors Guide and OS/390Interfaces ServicesAuditing New OS/390 SMF Data Unload Utility Auditing OS/390 OpenEdition DCE SupportAuditing SystemView for MVS Support Report WriterPage Enabling and Disabling CommandOS/390 Security Server RACF Command Language Referencefor more Chapter 9. Operational ConsiderationsPage 01yydddF Chapter 10. Application Development Considerations2000 Support Serverspthread the securitynp New Application Services and SecurityProgramming Interfaces ServiceNew Application Authorization Changes to the Class Descriptor TableŸ “Routines” on page Ÿ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on pageReference for Chapter 11. General UserConsiderations OpenEditionPage After Applying the PTF Chapter 12. NJE ConsiderationsAPAR OW14451 OW08457NODES Actions RequiredOW08457 UACCFAILSAFE APAR OW15408GROUP Page RRSF Chapter 13. ScenariosMigrating an Existing NodesprefixTARGET NODEMIAMI2 DELETE prefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVEOn MIAMI2 prefixTARGET NODEORLANDO DELETEDELETE RACF DiagnosisOn ORLANDO Note The prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACEdirection Glossaryaccess Page programming Seegeneral-use programmingSeeinventory Seemultisystem Seelogicallogical supervisory other.single-systemtask segment andDFP classes continued Index Acontinued Page KEYSMSTR SERVERSFSCMD utilitiescontinued Page Edition OS/390 Security Server RACF Information IBM Now you can! TheIBM Online Library Productivity Page Page comments Communicating Your Comments to IBMNote Copies Readers Comments - Wed Like to Hear from YouOS/390 Security Server RACF Planning Installation and Migration Publication No. GC28-1920-01IBM MAILREPLY BUSINESSPage GC28-192ð-ð1 IBMDrop in Back Cover Image Here
Top Page Image Contents