Connect CDC SQData

Zoom Window Out
Larger Text | Smaller Text
Hide Page Header
Show Expanding Text
Print Topic
Send Mail Feedback
Share This Topic
Save Permalink URL

Navigation: Quickstart Guides > Security Authorization Quickstart > zOS Security Requirements

Startetd Task Authorizations

The following sample RACF commands outline the authorization required by the various Connect CDC SQData agents. Modify the names, high-level qualifiers, zFS directories, etc. as required by your environment.SQ

Master Controller STC Authorizations – Program SQDAMAST

ADDUSER SQDAMAST DFLTGRP(<stc_group>) OWNER(<owner_name>)

ALTUSER SQDAMAST NOPASSWORD NOOIDCARD

ALTUSER SQDAMAST NAME('STASK, SQDATA')

ALTUSER SQDAMAST DATA('FOR SQDATA CONTACT:<sqdata_contact_name>')

ALTUSER SQDAMAST WORKATTR(WAACCNT('**NOUID**'))

CONNECT SQDAMAST GROUP(<stc_group>) OWNER(<owner_name>)

PERMIT 'SQDATA.*' ID(SQDAMAST) ACCESS(READ) GEN

Daemon STC Authorizations – Program SQDAEMON

ADDUSER SQDAEMON DFLTGRP(<stc_group>) OWNER(<owner_name>)

ALTUSER SQDAEMON NOPASSWORD NOOIDCARD

ALTUSER SQDAEMON NAME('STASK, SQDATA')

ALTUSER SQDAEMON DATA('FOR SQDATA CONTACT:<sqdata_contact_name>')

ALTUSER SQDAEMON WORKATTR(WAACCNT('**NOUID**'))

CONNECT SQDAEMON GROUP(<stc_group>) OWNER(<owner_name>)

ALTUSER SQDAEMON OMVS(PROGRAM('/bin/sh'))

PERMIT 'SQDATA.*' ID(SQDAEMON) ACCESS(READ) GEN

Db2 Capture STC Authorizations – Program SQDDB2C

ADDUSER SQDDB2C DFLTGRP(<stc_group>) OWNER(<owner_name>)

ALTUSER SQDDB2C NOPASSWORD NOOIDCARD

ALTUSER SQDDB2C NAME('STASK, SQDATA')

ALTUSER SQDDB2C DATA('FOR SQDATA CONTACT:<sqdata_contact_name>')

ALTUSER SQDDB2C WORKATTR(WAACCNT('**NOUID**'))

CONNECT SQDDB2C GROUP(<stc_group>) OWNER(<owner_name>)

ALTUSER SQDDB2C OMVS(PROGRAM('/bin/sh'))

ALTUSER SQDDB2C OMVS(MMAPAREAMAX(262144))

PERMIT 'SQDATA.*' ID(SQDDB2C) ACCESS(READ) GEN

IMS Capture, IMS Publisher and VSAM Publisher STC Authorizations – Three (3) Total

ADDUSER SQDZLOGC DFLTGRP(<stc_group>) OWNER(<owner_name>)

ALTUSER SQDZLOGC NOPASSWORD NOOIDCARD

ALTUSER SQDZLOGC NAME('STASK, SQDATA')

ALTUSER SQDZLOGC DATA('FOR SQDATA CONTACT:<sqdata_contact_name>')

ALTUSER SQDZLOGC WORKATTR(WAACCNT('**NOUID**'))

CONNECT SQDZLOGC GROUP(<stc_group>) OWNER(<owner_name>)

ALTUSER SQDZLOGC OMVS(PROGRAM('/bin/sh'))

PERMIT 'SQDATA.*' ID(SQDZLOGC) ACCESS(READ) GEN

Administrative Userid Authorization

ADDUSER <admin_user> DFLTGRP(<stc_group>) OWNER(<owner_name>)

ALTUSER <admin_user> NOPASSWORD NOOIDCARD

ALTUSER <admin_user> NAME('STASK, SQDATA')

ALTUSER <admin_user> DATA('FOR SQDATA CONTACT:<contact_name>')

ALTUSER <admin_user> WORKATTR(WAACCNT('**NOUID**'))

CONNECT <admin_user> GROUP(<stc_group>) OWNER(<owner_name>)

ALTUSER <admin_user> OMVS(PROGRAM('/bin/sh'))

ALTUSER <admin_user> OMVS(MMAPAREAMAX(262144))

PERMIT 'SQDATA.*' ID(<admin_user>) ACCESS(READ) GEN

SETROPTS GENERIC (DATASET ) REFRESH

R/W Access to the SQDATA ZFS File System (only if the FSACCESS RACF class is active)

SETROPTS GENERIC(FSACCESS)

RDEFINE FSACCESS SQDATA.** UACC(NONE)

PERMIT SQDATA.** CLASS(FSACCESS) ID(SQDAMAST) ACCESS(UPDATE)

PERMIT SQDATA.** CLASS(FSACCESS) ID(SQDDB2C) ACCESS(UPDATE)

PERMIT SQDATA.** CLASS(FSACCESS) ID(SQDZLOGC) ACCESS(UPDATE)

PERMIT SQDATA.** CLASS(FSACCESS) ID(SQDAEMON) ACCESS(UPDATE)

PERMIT SQDATA.** CLASS(FSACCESS) ID(<admin_user>) ACCESS(UPDATE)

SETROPTS RACLIST(FSACCESS) REFRESH

Please enable JavaScript to view this site.

Connect CDC SQData