Define Remote Background User IDs

Define a remote background user ID so that remote users on a linked system can log on to a local region.
12-1
When the regions are linked, you want to permit a remote region background user (
nnnn
BSYS) to log on to the local region. Define the remote background user ID to the local region:
  • Define the remote
    nnnn
    BSYS user ID to the local region UAMS.
    If you use the Multi-System Support Menu to link regions, add the remote region background user ID (
    nnnn
    BSYS) to the User Access Maintenance System (UAMS) for the local region. Then, assign the
    nnnnBSYS
    user ID to the $RMBUSER group.
  • Define the remote
    nnnn
    BSYS user ID as a user to the external security package. No password is required:
    • For
      ACF2
      , use the following commands:
      ACF SET LID INSERT
      nnnn
      BSYS NAME(
      bsys_user_name
      ) PASSWORD(NOPW)
    • For
      Top Secret
      , use the following command:
      TSS CRE(
      nnnn
      BSYS) TYPE(USER) DEPT(
      dept_acid
      ) NAME('
      bsys_user_name
      ') PROTECTED
    • For RACF, use the following command:
      ADDUSER
      nnnn
      BSYS NAME('
      bsys_user_name
      ')
    bsys_user_name
    specifies a text string to identify the user (for example, BSYS User 1).

Implement Signon and Signoff with
Top Secret

External security includes security for signon and signoff. The
Top Secret
security administrator must create a region control ACID, FACILITY, and started task definition for the online STC (NETMASTR).
To create this definition
  1. Create a region control ACID using the following commands:
    TSS CRE(
    netmacid
    ) NAME('
    region_acid
    NETMASTR') DEPT(
    netmdept
    ) PROTECTED FAC(STC,NETMASTR) MASTFAC(NETMASTR) NOVOLCHK NORESCHK NOLCFCHK NODSNCHK NOSUBCHK
  2. Create a NETMASTR FACILITY by placing the following statements into the
    Top Secret
    startup parameter file member:
    FAC(
    usernn
    =NAME=NETMASTR) FAC(NETMASTR=NOABEND,ASUBM) FAC(NETMASTR=INSTDATA,KEY=8,LCFCMD,LOCKTIME=0,NOLUMSG) FAC(NETMASTR=MULTIUSER,PGM=NM0,NORNDPW,RES,SIGN(M)) FAC(NETMASTR=SHRPRF,NOSTMSG,NOTSOC,WARNPW,NOXDEF)
    The facility name (
    usernn
    ) must be unique. Check the startup parameter file member to ensure there are no duplicate names.
  3. Define the NETMASTR STC to the
    Top Secret
    STC table using the following command:
    TSS ADD(STC) PROCNAME(NETMASTR) ACID(
    netmacid
    )
  4. For any region control ACID to be used to sign on, authorize it to the NETMASTR FACILITY using the following command:
    TSS ADD(
    user1
    ) IBMFAC(NETMASTR)