Post-Configuration Tasks

idms19
Perform these tasks whether you configure your system manually or using CA CSM.
2
2
The Environment After Configuration is Complete
The entire installation process (SMP/E installation, deployment and configuration) creates various source and executable load libraries.
A complete base configuration process creates the following environment:
  • Dictionary environment -- Configures a system and application dictionary environment.
  • DBA loadlib -- Contains the following two customized load modules whose names were specified as configuration variables:
    • The DMCL load module -- A load module describing the configured Release 19.0 runtime environment.
    • The database name table load module -- A load module defining the databases and data dictionaries accessible by the DMCL load module.
  • Configures the following systems:
    • System 90 -- A sample CA IDMS Release 19 DC/UCF system that can be copied to your DC system number.
    • System 99 -- A non-executable system containing CA IDMS programs and tasks that can be copied to the new systems you define and generate.
z/OS Environment
There should be no modules from prior releases of CA IDMS or CA Dispatch in the z/OS LPA. The SYS1.LPALIB should contain no modules beginning with ADS, IDMS, or RHDC.
If you specified the z/OS option "AllowUserKeyCSA(NO)", update the PPT to indicate the system key that RHDCOMVS (the startup module) should run in. You can specify any system key in the range of 1 to 7. If you specified the z/OS option "AllowUserKeyCSA(YES)", then you can use any key in the range of 8 to 15.
Preparing TP Access Environment
This task involves preparing the TP access method for your CA IDMS system. The access methods covered are VTAM, TCP/IP, TSO, and CICS.
VTAM Access
To use VTAM to access CA IDMS/DC, the following two definitions must be in place:
  • A VTAM line (VTAMLIN) must be defined in the CA IDMS/DC system. The definition is already in place because the configuration process defined the VTAM line using the value of the CA CSM variable DcSystemVtamApplid or the CAISAG variable GJVTAMID. One VTAM line supports multiple concurrent users.
  • An application ID (APPLID) must be defined in VTAM to identify the CA IDMS/DC system.
    The APPLID defined to VTAM must match the APPLICATION ID parameter of the VTAMLIN statement specified during configuration.
TCP/IP Access
If you plan to use TCP/IP communication protocol for your DDS communications, or if you are configuring IDMS for use with CA Server, then you must define a TCP/IP environment, socket line and listener PTERM to the CA IDMS system. For DNS functions to operate correctly, add a SYSTCPD DD statement to the startup JCL deck of your central version, pointing to the TCPIP.DATA file of your site.
TSO Access
The modules that you use to access the TSO are in the CAGJLOAD library. Module RHDCUCFT is used for traditional UCFTSO, and RHDCUCFL is used through a command line interface, for example the Zowe CLI.
To access a DC/UCF system from TSO, use the CLIST in CUSTOM.SRCLIB member UCFTSO to invoke RHDCUCFT. For reference purposes, the UCFTSO member follows. Modify it to reflect your data set naming conventions.
PROC 0 CONTROL NOMSG LIST FREE F(SYSPRINT,SYSOUT,SYSOUD,SYSLST,SYSUDUMP,SYSCTL,DCMSG) FREE F(SYSJRNL,J1JRNL,J2JRNL,J3JRNL,J4JRNL,CDMSLIB) CONTROL MSGALLOC F(SYSPRINT) DA(*) ALLOC F(SYSOUT) DA(*) ALLOC F(SYSOUD) DA(*) ALLOC F(SYSUDUMP) DA(*) ALLOC F(SYSCTL) DA('CAI.IDMSTEST.SYSCTL') SHR ALLOC F(DCMSG) DA('CAI.IDMSTEST.SYSMSG.DDLDCMSG') SHR ALLOC F(SYSJRNL) DUMMY ALLOC F(J1JRNL) DUMMY ALLOC F(J2JRNL) DUMMY ALLOC F(J3JRNL) DUMMY ALLOC F(J4JRNL) DUMMY ALLOC F(CDMSLIB) DA('CAI.IDMSTEST.DBA.LOADLIB', - 'CAI.IDMSTEST.CUSTOM.LOADLIB', - '
idms
.CAGJLOAD') SHR CALL '
idms.
CAGJLOAD(RHDCUCFT)'
To access CA IDMS DML Online from TSO, do the following:
  1. Create a CLIST to execute CA IDMS DML Online, using the USDTSO member in the CAGJSAMP library as a sample.
  2. Modify the CLIST for your site requirements.
  3. Add the CA IDMS loadlibs to the TSO signon STEPLIB.
  4. Execute the CLIST.
To access a DC/UCF system from the Zowe CLI using TSO, do the following:
  1. Create a CLIST to execute RHDCUCFL using the UCFTSOCL member in the CAGJSAMP library as a sample.
    Choose the call statement to RHDCUCFL.
  2. Modify the CLIST for your site requirements.
  3. Execute Zowe CLI statements to start a TSO address space, for example:
    zowe tso start as
  4. Use the returned key to issue a Zowe command to execute the CLIST, for example:
    zowe tso send as key --data "exec 'customized clist"
    Using the TSO CLIST is optional. To accomplish the same functionality, you can use the zowe tso send as commands. For example:
    zowe tso send as key --data "ALLOC F(SYSCTL) DA('DBDC.SYS99.SYSCTL') SHR"
    For more information, see Integration with Zowe CLI.
CICS Access
To access a DC/UCF system from CICS, you must have configured CA IDMS CICS Support by selecting CA IDMS CICS Support during the CA CSM configuration or in the CAISAG VARBLIST.
Once the configuration steps have execute successfully, add the CA IDMS CSD entries to your CICS system to define the resources required by CA IDMS to CICS. This is usually done by a CICS systems programmer using the CICS resource definition online (RDO) or the DFHCSDUP utility to update the CSD file.
Sample CSD resources required by CA IDMS are shown in CAGJSRC member CICSCSD. Additional optional CSD resources are shown in CAGJSAMP members TPSCICS (CA IDMS/DC Sort) and USDCICS (CA IDMS DML Online). Consult the appropriate IBM documentation to help ensure that these definitions take precedence over any previously configured definitions for the corresponding entities.
More information:
  • For a complete description of CA IDMS CICS support, see the
    Administrating section
    .
  • For complete instructions on updating the CICS CSD file, see the IBM documentation.
CA IDMS Task Analyzer Storage Requirements
Before you start CA IDMS/DC, consider the following storage requirements of CA IDMS Task Analyzer that can affect the sysgen:
  • Storage pool
  • Program pool
  • Stacksize
CA IDMS Log Analyzer and CA IDMS Task Analyzer Statistics Gathering
CA IDMS Log Analyzer and CA IDMS Task Analyzer gather statistical data for all activities except dialogs from the
by-task
statistics records. Statistical information for dialogs is gathered from the transaction statistics records. For CA IDMS to capture this data, the statistics must be requested at the system level.
You can gather statistical data for CA IDMS Log Analyzer and CA IDMS Task Analyzer, do the following:
  1. By-task Statistics
    are controlled through the STATISTICS subparameter of the SYSTEM statement. The minimum specification required is as follows:
    STATISTICS TASK ►─┬── WRITE ──┬─► └─ COLLECT ─┘
    For CA IDMS Log Analyzer, you must specify WRITE, otherwise COLLECT is sufficient.
    Usually, CV writes the by-task statistic records to the log. With CA IDMS Task Analyzer, this action is controlled by the DC STATISTICS option field of the CA IDMS Task Analyzer Statistics Plan screen. For more information, see
    Task Analyzer
    .
  2. Dialog Statistics
    are specified in the ADSO statement of the sysgen. The DIALOG STATISTICS subparameter of the ADSO statement generates the transaction statistics. The specification required is as follows:
    DIALOG STATISTICS ON ►─┬─SELECTED─┬──► └─── ALL ──┘
    Note:
    If you specify SELECTED,CA IDMS Log Analyzer and CA IDMS Task Analyzer can report only on dialogs defined with a PROGRAM statement specifying ADSO DIALOG STATISTICS ON.
CA IDMS Performance Monitor
Customize the execution of CA IDMS Performance Monitor by tailoring the PMAMINIT, PMIMINIT, and PMRTINIT modules.
Configuring Default JCL for CA IDMS Extractor and CA IDMS Dictionary Migrator Assistant
At the initial configuration, configure the default JCL used by CA IDMS Extractor and CA IDMS Dictionary Migrator Assistant (DMA).
CA IDMS Extractor JCL is used to execute the batch components of CA IDMS Extractor. The default CA IDMS Extractor JCL is contained in the following CAGJSRC library members:
  • USVEXEC -- Extracts and loads a database
  • USVPSPC -- Prints extract specifications
  • USVPJCL -- Prints extract and load JCL
The DMA JCL and CA IDMS Extractor JCL allow you to submit Jobs to the internal reader from a CA IDMS system. The DMA JCL is used for the online job submission of CA IDMS Dictionary Migrator Jobs by DMA. The DMA JCL is any JCL for CA IDMS Dictionary Migrator that you are already using or the CAGJSRC library member USMXTRCT. Edit USMXTRCT to tailor the JCL and parameter statements appropriately for your CA IDMS environment and required migration.
The JCL to upload CA IDMS Extractor and DMA JCL is included in CAGJSRC library members USVUJCL and XDMBJCL respectively.
CA ADS Trace Dictionary Updates
All application dictionaries using CA ADS Trace must be updated with the attributes, records, and elements for CA ADS Trace.
To update each dictionary, do the following:
  1. Create an IDMSDDDL job with ATDDDL as input. ATDDDL is located in the CAGJSRC library.
  2. Execute the job.
  3. Review the output and verify that the entities were added to the dictionary.
CA IDMS/DC Sort Dictionary Updates
All application dictionaries using CA IDMS/DC Sort must be updated with the records and modules for CA IDMS/DC Sort.
T
o update each dictionary, do the following:
  1. Create an IDMSDDDL job with TPSDDDL as input. TPSDDDL is located in the CAGJSRC library. The TPSDDDL set in Job 13 can be used as a template.
  2. Submit the job.
  3. Review the output and verify that the entities were added to the dictionary.
CA IDMS DQF Dictionary Updates
CA IDMS DQF is a CA ADS application. The configuration process adds the CA IDMS DQF application to the CA IDMS Task Application Table (TAT) in the TOOLDICT dictionary. Each application dictionary using CA IDMS DQF must be updated with the CA IDMS DQF ADS application.
Follow these steps to update the dictionary:
  1. In the CAGJSRC library, modify the member DADS12OP.
  2. Submit DADS12OP for execution.
  3. Review the output and verify that the application was added to the dictionary.
Security Classification Modules
If you are doing an upgrade and your site maintains customized versions of IDMSCTAB, IDMSGTAB or IDMSUTAB, you should reassemble and link your customized source. If you are performing a complete base install, you can optionally create customized versions of these modules.
See the Security Administrating section for more information on the security services these modules provide and information on their modification.
Versions of these modules with no security set are installed into your base installation libraries.
Linking a Dictionary to the CA Endevor/DB Change Monitor
If you selected CA Endevor/DB for CA IDMS for configuration, the configuration process created a CCDB (Change Control Data Base) segment but did not associate the CCDB to a dictionary dbname. A dictionary you want to monitor is linked, or
hooked
by subschema mapping of IDMSNWKA to NDVRNWKA. Run the Batch Command Facility (IDMSBCF) using the following sample as input to establish change monitoring for a dictionary. Specify the dbtable you want to update and the dictionary segment you want to monitor.
ALTER DBNAME dbtablename.dbname SEGMENT ccdname SUBSCHEMA IDMSNWKA MAPS TO NDVRNWKA; GENERATE DBTABLE dbtablename; PUNCH DBTABLE LOAD MODULE dbtablename;
For more information on seeding the CCDB and assigning a security administrator, see Monitoring Change Activity.
Creating an Executable System
For either an upgrade or a complete base configuration, manual steps are required to complete the definition of your DC System.
For a complete base configuration, take the following steps:
  • SYSTEM statement
    -- Specify the values for the SYSTEM statement parameters, for example:
    • REENTRANT POOL
    • STORAGE POOL
    • PROGRAM POOL
    • STACKSIZE
    • SVC
    • SYSCTL
    • MAX ERUS
    Some products have additional requirements.
    • CA IDMS Task Analyzer storage requirements
    • CA IDMS Log Analyzer and CA IDMS Task Analyzer statistics-gathering
These requirements may be critical to the proper functioning of your environment.
  • Task and program definitions
    -- The configuration process copied System 90 to your specified DC system.
  • Line definitions
    -- Add the line definitions for your site. Add the LTERMs and PTERMs for each line.
  • Generate the new system
    -- Submit an RHDCSGEN job to execute the sysgen compiler.
For an upgrade configuration, take the following steps:
  • Task and program definitions
    -- Copy the tasks and programs from System 99 to your specified DC system. Do not alter the task or program definitions copied from System 99.
  • Generate the new system
    -- Submit an RHDCSGEN job to execute the sysgen compiler.
Modify the Startup JCL
The STARTUP member in the CUSTOM.JCLLIB library contains a partially customized startup job. Depending on hardware (zIIPs) and software in use at your site, you may need to modify one or more of the following:
  • The EXEC parameters
  • The STEPLIB concatenation
  • The CDMSLIB concatenation
DC/UCF systems use the services of the IDMS SVC to enable themselves automatically to run non-swappable in z/OS regardless of the value specified in the z/OS PPT or SYS1.PARMLIB.
To prevent CA IDMS from automatically forcing itself to run non-swappable, do one of the following actions:
  • Code SWAP=Y on the EXEC statement in your CV startup JCL if you are using keyword parameters.
  • Code an S in column 24 of the EXEC parm of the proc that starts CA IDMS if you are using positional parameters.
CA IDMS now runs exactly as defined in the z/OS definitions.
Many parameters can be specified in the PARM on the EXEC statement in the startup job. For more information, see the Administrating section.
You may need to increase the region size to accommodate increased storage requirements for the Release 19.0
You may need to include DD statements in your CDMSLIB concatenation for libraries of other vendors and products (for example, LE runtime) to load properly when used with your CA IDMS central version.
You may need to add the following libraries to the CDMSLIB concatenation:
  • CA IDMS Enforcer load library
  • CA IDMS/DC Sort CICS load library
You can add DD statements for database files to the startup JCL, if desired. This action is optional because CA IDMS supports dynamic allocation. If the file names are specified in the DMCL, they are not required in the JCL. The following products use their own database files:
  • CA IDMS SQL
  • ASF Option
  • CA IDMS Tools Dictionary
  • CA IDMS Extractor
  • CA IDMS Dictionary Migrator
  • CA IDMS CA IDMS DML ONLINE
  • CA IDMS Enforcer
  • CA IDMS Masterkey
  • CA IDMS SASO
Under certain circumstances, there are minimum requirements for successfully starting any IDMS CV.
If you are implementing CA IDMS support for zIIP, then certain modules must be loaded from authorized libraries. If the z/OS operating system runs with AllowUserKeyCSA(NO), which is the default for z/OS v1r9 and above, then the STEPLIB must be authorized and certain other procedures must be followed.
Note:
For more information on configuring your system to run with AllowUserKeyCSA(NO), see "Storage Key Considerations for z/OS CSA Subpools" in the CA IDMS System Operation topics.If AUTHREQ=YES is specified for the CA IDMS SVC, then the STEPLIB must be authorized.
Note:
For more information on configuring your system to run with AUTHREQ=YES, see Other Requirements.
CA IDMS Enforcer
Identify the CA IDMS systems where you want CA IDMS Enforcer to run. Add the CA IDMS Enforcer load library to the CDMSLIB concatenation.
CA IDMS/DC Sort under CICS
Add the CA IDMS/DC Sort CICS load library to the startup JCL for CICS.
Verifying the System Configuration
Before you begin the verification process, the configuration must be completed successfully. The verification process consists of the following phases:
Each phase is discussed next.
System Startup
To start your DC/UCF system, submit the STARTUP member in the CUSTOM.JCLLIB library. The system is active when the
Enter Next Task Code
message appears in the JES log.
Online Verification
The online verification process consists of the following steps:
  1. DCMT verification
    -- A CLIST that executes a large percentage of the DCMT DISPLAY xxxx functions has been placed in your SYSTEM dictionary. To use this CLIST, enter the following commands at the DC/UCF
    ENTER NEXT TASK CODE
    prompt:
    DCUF SET DICTNAME SYSTEMCLIST DCMT-DEMO-CLIST
    This step invokes the CLIST and allows you to view the new DCMT DISPLAY output.
  2. DCUF verification
    -- A CLIST that executes a large percentage of the DCUF DISPLAY xxxx functions has been placed in your SYSTEM dictionary. To use this CLIST, enter the following commands at the DC/UCF
    ENTER NEXT TASK CODE
    prompt:
    DCUF SET DICTNAME SYSTEM CLIST DCUF-DEMO-CLIST
    This step invokes the CLIST and allows you to view the new DCUF DISPLAY output.
  3. IDMSLOOK verification
    -- A CLIST that executes a large percentage of the online LOOK xxxx functions has been placed in your SYSTEM dictionary. To use this CLIST, enter the following commands at the DC/UCF
    ENTER NEXT TASK CODE
    prompt:
    DCUF SET DICTNAME SYSTEM CLIST LOOK-DEMO-CLIST
    This step invokes the CLIST and allows you to view the IDMSLOOK output.
  4. IDD verification
    -- To validate IDD, sign on to the APPLDICT dictionary and try various IDD commands, such as DISPLAY ALL MODULES, DISPLAY ALL USERS, and DISPLAY ALL SCHEMAS.
  5. Online Command Facility (OCF) verification
    -- To verify OCF, enter the following commands:
    • DCUF SET DICTNAME SYSTEM
    • OCF
    • DISPLAY SEGMENT SYSTEM -- Displays the definitions of the segment, files and areas that comprise the SYSTEM segment.
    • DISPLAY DMCL R185DMCL -- Displays the DMCL created during the configuration process.
    • DISPLAY DBTABLE R185DBTB -- Displays the database name table created during the configuration process.
Most other online products are optional. Exercise additional products, such as CA ADS, CA OLQ, and CA IDMS Performance Monitor to verify their installation.
Batch Verification
Many CA IDMS tools and utilities can be tested. Most of these tools have already been verified by completing configuration, including the following:
  • ADSOBTAT -- The batch CA ADS application table load utility (ADSOBTAT) is run to define the $TOOLTCF (Transfer Control Facility) as a valid CA ADS runtime application.
  • IDMSBCF -- The CA IDMS Batch Command Facility (IDMSBCF) controls the execution of most of the CA IDMS utility programs, DBTABLE processing, and SQL processing. IDMSBCF invokes the following utilities during configuration:
    • BACKUP
    • FORMAT
    • PRINT PAGE
    • PRINT SPACE
    • RESTORE
  • IDMSCHEM -- The non-SQL, Commonweather Demonstration Database schema, EMPSCHM version 100, is added to the APPLDICT DDLDML area using the schema compiler.
  • IDMSDDDL -- Several data dictionary utilities are run to load various entity types (messages, elements, records, and modules) into the DDLDML and DDLDCLOD areas.
  • IDMSDMLC -- Various programs, including EMPLOAD, are processed using the CA IDMS COBOL precompiler (IDMSDMLC) during the creation of the non-SQL demonstration database.
  • IDMSRPTS -- The CA IDMS Schema Reporter program is executed to list various reports for EMPSCHM Version 100 during the configuration of the non-SQL demonstration database.
  • IDMSUBSC -- The subschema used to define the non-SQL demonstration database, EMPSS01, is loaded and generated using the subschema compiler.
  • RHDCMAP1 -- The batch mapping compiler is used to load the map, EMPMAP, into the APPLDICT DDLDML area.
  • RHDCMPUT -- The batch mapping utility module is run to do a PROCESS=ALL for map EMPMAP in the APPLDICT dictionary.
  • RHDCSGEN -- The batch system generation compiler is executed to create SYSTEM 90 and SYSTEM 99.
If you chose local mode for the configuration process, consider testing some of these tasks running against your central version once it is established. You can test any other programs not executed during configuration at your convenience.
CAIRIM
The configuration process loaded a customized IDMS SVC that is resident only until the next IPL. Your systems group can enable the SVC to install automatically at each IPL by running the CAIRIM proc (usually the CAS9 procedure) at each IPL. This proc is described in the CA Common Services for z/OS documentation,
The CAS9 proc requires the CAIRIM parameter line for CA IDMS and the location of the six APFLIB modules.
The CAS9 proc reads CAIRIM product parameter lines from the CARIMPRM member in SYS1.PARMLIB. The format for this line can vary as follows:
  • If the location of the six APFLIB modules is specified by adding a DD statement to the CAS9 proc (concatenated to STEPLIB), the CAIRIM parameter line format is as follows:
    PRODUCT(CA IDMS) VERSION(GJJ0) INIT(GJJ0INIT) PARM(SVC=
    xxx
    )
  • If no DD statement is added to the CAS9 proc, the format is as follows:
    PRODUCT(CA IDMS) VERSION(GJJ0) LOADLIB(dsname) INIT(GJJ0INIT) PARM(SVC=
    xxx
    )
    where
    dsname
    is the name of the authorized loadlib containing the six APFLIB modules.
If you are running multiple releases of CA IDMS using one SVC, supply a CAIRIM parameter line for each release. All but the first line must have the REFRESH parameter. See SVC.
Maintenance may update the SVC load module. If the CA IDMS APFLIB loadlib is authorized and CAIRIM loads the SVC directly from the APFLIB at each IPL, you are loading an updated (and possibly untested) SVC with the first IPL after installing maintenance affecting the SVC. For this reason, do not load the SVC for your production system directly from APFLIB.
SVC
When an SVC is refreshed, all CVs using it must be brought down before the REFRESH. After the SVC has been refreshed, the CV can be restarted. Unpredictable results can occur for any ERUS task that is accessing a CV while its SVC is being refreshed. Batch jobs and CICS regions that access CA IDMS are affected.
This CA IDMS release SVC load module is downward compatible. If you are using multiple supported versions of CA IDMS, you can run all your releases on the new SVC. For multiple releases to share the same SVC, the CAIRIM input statements must be modified to avoid CA IDMS CAIRIM errors. Failure to modify the CAIRIM statement results in the following message:
CA IDMS SVC MUST BE INSTALLED BY CAIRIM BEFORE STARTING THE DATABASE
Example
The site is running releases 18.0 and 19.0 and uses SVC 173. The following are the CAIRIM PARMLIB input statements:
PRODUCT(CA IDMS) VERSION(GJIO) INIT(GJJ0INIT) PARM(SVC=173) PRODUCT(CA IDMS) VERSION(GJJ0) INIT(GJJ0INIT) PARM(REFRESH(SVC=173))
Explanation
The first statement installs SVC 173 with version code GJI0 (Release 18.0). The second statement inserts version code GJJ0 (Release 19.0.02) into the CPU where CAIRIM is running while
refreshing
the same SVC load module. This allows releases 18.0 and Release 19.0.2 CA IDMS CVs to use the same SVC.
Note:
The INIT parameter on both lines should name the GJJOINT load module.
Refreshing Required Modules
The required modules for this CA IDMS release—IDMSMSVA, RHDCSSFM, CAIXDOA$ and PMRTDATA—are downward compatible. If you are using an earlier release of CA IDMS, the versions of these modules in the ECSA may not have been refreshed when the new SVC was installed. Refresh these modules using the following syntax:
PRODUCT(CA IDMS) VERSION(GJJ0) INIT(GJJ0INIT) PARM(REFRESH(RHDCSSFM)) PRODUCT(CA IDMS) VERSION(GJJ0) INIT(GJJ0INIT) PARM(REFRESH(IDMSMSVA)) PRODUCT(CA IDMS) VERSION(GJJ0) INIT(GJJ0INIT) PARM(REFRESH(CAIXDOA$)) PRODUCT(CA IDMS) VERSION(GJJ0) INIT(GJJ0INIT) PARM(REFRESH(PMRTDATA))
When a
module-name
is refreshed, all CVs and batch Jobs that are using the module being refreshed must be ended before the REFRESH. When the module has been refreshed, CVs and batch jobs can be restarted.
Numbered Options
Numbered options provide a means for you to tailor CA IDMS behavior to meet your processing needs. You enable numbered options by turning on a bit in the options table, RHDCOPTF.
The following shows the default RHDCOPTF with no bits turned on. It can be found in your CUSTOM.SRCLIB (RHDCOPTF)
#DEFOPTF TYPE=GENERATE END
To turn on bits 5 and 81, code the following:
#DEFOPTF OPT00005 #DEFOPTF OPT00081 #DEFOPTF TYPE=GENERATE END
Assemble and link RHDCOPTF by running the RHDCOPTF jobs in the CUSTOM.SRCLIB and CUSTOM.LNKLIB libraries.
Security
A list of Broadcom supplied user mode programs that issue bind run units can be found in the CAGJSRC library in members whose names begin with SEC. This list may be useful for sites that choose to secure RESTYPE=SPGM or RESTYPE=DB.
Note:
For more information about security, see the S
ecurity Administrating
section.