IRRSXT00 Installation Exit | IBM GC28-1920-01 manual

– The first check uses the client ACEE. This is the ACEE that is ass with the current task. If the request is successful, the secon performed.

–The second check uses the ACEE associated with the server. This same ACEE that is associated with the address space.

When	each of these checks occurs, the RACF exits ICHRCX01 and ICH
are	invoked.

ŸAuthenticated client ACEE

When	an	authenticated		client	ACEE is used in an	access control decis
this	ACEE	is	used in	the access control decision. Audit records rec
contain		an	additional	relocate	section indicating	that this authorizat

was processed using an ACEE created on behalf of an unauthorized application.

IRRSXT00 Installation Exit

IRRSXT00 is invoked by the SAF callable services router before and aft called. If your system already uses the IRRSXT00 installation exit, yo review this exit to be sure the following are true for the R_dcein callable services:

Ÿ IRRSXT00 is capable of executing in either problem or supervisor st

Ÿ IRRSXT00 does not expect to receive control in a system storage pr key (0-7).

RACROUTE REQUEST=DEFINE Preprocessing Exit (ICHRDX01)

Processing of a RETPD value specified via the RACROUTE REQUEST=DEFINE preprocessing exit has changed. Formerly, a RETPD value specified in an ICHRDX01 exit was not recorded in the profile when a generic profile defined, unless RETPD was also specified via command. Now, a RETPD value

specified	in an	ICHRDX01 exit is picked up. If you do not want the
picked up	when	creating a generic profile, you should modify your ex
RETPD value	only	when processing a tape profile.

36 OS/390 V1R2.0 Security Server (RACF) Planning: Installation and Migration

Image 60

IBM GC28-1920-01 manual RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01, IRRSXT00 Installation Exit

Contents

Security Server RACF Planning Installation and Migration OS/390Place graphic in this area. Outline is keyline only. DO NOT PRINT Page Security Server RACF Planning Installation and Migration Second Edition, September 1996. AllPage Page Contents Migration Administration Considerations Customization ConsiderationsAuditing Considerations Operational Considerations IndexChapter 10. ApplicationPage Figures Page Notices Trademarks How to Use This About This BookWho Should Use This Book xiii Where to Find More Information Softcopy PublicationsŸ The OS/390 Security Server RACF Information , PackageSK2T-2180 Server Administration, H3927 Elements of Security RACF Installation - Student GG24-3971NotesUsing the Ÿ Tutorial Options for Tuning GG22RACF Other Sources of Information IBM Discussion AreasInternet Sources listserv@uga.cc.uga.edu Publications To Request Copies of OS/390 xviiiFeatures ServiceŸ OpenEdition ProductOSA/SF V2R5TSO/EPage Summary of Changes Page Migration Planning Considerations Chapter 1. PlanningMigration Installation Considerations Administration ConsiderationsCustomization Considerations Auditing Considerations Operational ConsiderationsApplication Development Considerations General User ConsiderationsPage Chapter 2. Release Overview New and Enhanced Support OS/390 OpenEdition DCE identifiesfunction introduced in OS/390 Release Concepts Check Authorizing and Auditing Server Access to the CCS and WLM Services Auditing the Passing of Access RightsOS/390 OpenEdition SOMobjects for MVS Multisystem Nodes RRSF Networknon-main systems OS/390 Enable and Disable Functions YearTARGET NetView 1.10classes Facility Function Not Upgraded updated foridentifies function that Components for Release3. Summary of Class Descriptor Table CDT Commands lists classeswhich there Command Chapter 3. Summary of Changes to RACF Components for OS/390 15Release Data Areas Exitslists changed general-use programming interface GUPI data are Macros MessagesFigure 12 lists changes RACF macros New Messages Changed MessagesMessages RACF Database Split/Merge Utility IRRUT400 Panels Publications LibraryRoutines Figure 13 lists RACF panels that are SYS1.SAMPLIB TemplatesFigure 16 identifies changes to RACF members of SYS1.SAMPLIB RACROUTE REQUEST=EXTRACT Utilities Figure 18 lists changes to RACF utilities for OS/390 ReleaseTemplate Utility 0280 OS/390 Security Server RACF Planning Installation and forMigration RACF Planning Installation and Migrationfor RACFChapter 4. Planning Considerations Migration Strategy RACF Planning Installation and Migrationfor RACF 2.1, and Hardware RequirementsSoftware Requirements RACF Migration and Planning for RACF Compatibility Compatibility Considerations for Remote SharingRequirements Page Chapter 5. Installation Considerations Enabling RACFConsiderations Networks installation configuredare in your existing workspace data sets when you install multisystem R Chapter 5. Installation Considerations29 must prefix nodenamesysname local-lu prefix.local-node.local-node .INMSG RACF Storage Considerations Virtual StorageThis section discusses storage considerations for RACF Figure 21 estimates RACF virtual storage usage, for planning purposes Customer Additions to the CDT Subpool Templates for RACF on OS/390 Releaseinformation, OS/390see Security Server System Chapter 6. Customization Considerations Exit Processingand IRRSXT00 Effects of OS/390 OpenEdition DCE IRRSXT00 Installation Exit RACROUTE REQUEST=DEFINE Preprocessing Exit ICHRDX01 Chapter 7. Administration Considerations Server RACF Security Administrators. GuideCross-Linking Between RACF Users signon DCEUUIDS Class Signon toActivating single signon restrictionsOpenEditionsee DCE Administration .Guide OS/390 OpenEdition DCE Application Considerationsthe DCE Encryption Key OpenEdition Planning, and inOS/390 OpenEdition Programming Assembler Library ReferenceThreads and Changes to RACF Authorization Processing Restrictionscallable servicepthread orsecuritynp Rdceruid Callable Service UtilityEnhancements to the Chapter 7. Administration Considerations43 SYSMVIEWPage Chapter 8. Auditing Considerations SMF RecordsAuditors Guide and OS/390 Server RACF Macros Services Auditing New OS/390Interfaces Auditing OS/390 OpenEdition DCE Support Auditing SystemView for MVS SupportReport Writer SMF Data Unload UtilityPage Command OS/390 Security Server RACF Command Language Referencefor moreChapter 9. Operational Considerations Enabling and DisablingPage Chapter 10. Application Development Considerations 2000 SupportServers 01yydddF New Application Services and Security pthread the securitynp Service New Application AuthorizationChanges to the Class Descriptor Table Programming Interfaces Ÿ “Macros” on page Ÿ “Templates” on page Ÿ “Utilities” on page Ÿ “Routines” on page Chapter 11. General User ConsiderationsOpenEdition Reference forPage Chapter 12. NJE Considerations APAR OW14451OW08457 After Applying the PTF Actions Required OW08457UACC NODES APAR OW15408 GROUPFAILSAFE Page Chapter 13. Scenarios Migrating an ExistingNodes RRSF prefixTARGET NODEMIAMI2 SYSNAMESYSTEM2 LOCAL OPERATIVE On MIAMI2prefixTARGET NODEORLANDO DELETE prefixTARGET NODEMIAMI2 DELETE RACF Diagnosis On ORLANDODELETE prefixTARGET NODEORLANDO OPERATIVE PREFIX... PROTOCOL... WORKSPACE Note The Glossary accessdirection Page Seegeneral-use programming Seeinventoryprogramming Seelogical Seemultisystem logical other.single-system supervisory task segment andDFP Index A classes continued continued Page SERVER SFSCMDKEYSMSTR utilitiescontinued Page IBM  Now you can! TheIBM Online Library ProductivityEdition OS/390 Security Server RACF Information Page Page Communicating Your Comments to IBM comments Readers Comments - Wed Like to Hear from You OS/390 Security Server RACF Planning Installation and MigrationPublication No. GC28-1920-01 Note Copies MAIL REPLYBUSINESS IBMPage IBM Drop in Back Cover Image HereGC28-192ð-ð1