Define Remote Background User IDs
Define a remote background user ID so that remote users on a linked system can log on to a local region.
12-1
When the regions are linked, you want to permit a remote region background user (
nnnn
BSYS) to log on to the local region. Define the remote background user ID to the local region:- Define the remotennnnBSYS user ID to the local region UAMS.If you use the Multi-System Support Menu to link regions, add the remote region background user ID (nnnnBSYS) to the User Access Maintenance System (UAMS) for the local region. Then, assign thennnnBSYSuser ID to the $RMBUSER group.
- Define the remotennnnBSYS user ID as a user to the external security package. No password is required:
- ForACF2, use the following commands:ACF SET LID INSERTnnnnBSYS NAME(bsys_user_name) PASSWORD(NOPW)
- ForTop Secret, use the following command:TSS CRE(nnnnBSYS) TYPE(USER) DEPT(dept_acid) NAME('bsys_user_name') PROTECTED
- For RACF, use the following command:ADDUSERnnnnBSYS NAME('bsys_user_name')
bsys_user_namespecifies a text string to identify the user (for example, BSYS User 1).
Implement Signon and Signoff with Top Secret
Top Secret
External security includes security for signon and signoff. The
Top Secret
security administrator must create a region control ACID, FACILITY, and started task definition for the online STC (NETMASTR).To create this definition
- Create a region control ACID using the following commands:TSS CRE(netmacid) NAME('region_acidNETMASTR') DEPT(netmdept) PROTECTED FAC(STC,NETMASTR) MASTFAC(NETMASTR) NOVOLCHK NORESCHK NOLCFCHK NODSNCHK NOSUBCHK
- Create a NETMASTR FACILITY by placing the following statements into theTop Secretstartup parameter file member:FAC(usernn=NAME=NETMASTR) FAC(NETMASTR=NOABEND,ASUBM) FAC(NETMASTR=INSTDATA,KEY=8,LCFCMD,LOCKTIME=0,NOLUMSG) FAC(NETMASTR=MULTIUSER,PGM=NM0,NORNDPW,RES,SIGN(M)) FAC(NETMASTR=SHRPRF,NOSTMSG,NOTSOC,WARNPW,NOXDEF)The facility name (usernn) must be unique. Check the startup parameter file member to ensure there are no duplicate names.
- Define the NETMASTR STC to theTop SecretSTC table using the following command:TSS ADD(STC) PROCNAME(NETMASTR) ACID(netmacid)
- For any region control ACID to be used to sign on, authorize it to the NETMASTR FACILITY using the following command:TSS ADD(user1) IBMFAC(NETMASTR)