Generic return code enhancement for RACF verifications

In IMS 15, if RACF® is used to provide sign-on verification for VTAM® terminals or IMS Connect clients and the user ID or password provided at sign-on is invalid, you can enable a generic return code or message to be returned instead of the actual RACF or IMS return code.

With this enhancement, you can inhibit access to information about RACF-verified sign-ons until valid user IDs and passwords are provided.

The option to enable the RACF generic return code to be returned when attempts to sign on to IMS fail is delivered by the following APARs/PTFs:

For sign-on from VTAM terminals, APAR PI95173 (PTFs UI55199 and UI55198)
For sign-on from IMS Connect clients, APAR PI94909 (PTF UI55527)

Changes to installing and defining IMS

The SGNGENRC= parameter for procedures is added to allow you to specify whether a generic return code is issued by IMS if RACF is used to verify sign-ons to IMS and the user ID or password provided is invalid.

The RACFGENRC= parameter is added to the HWS statement of the HWSCFGxx member of the IMS PROCLIB data set to allow you to specify whether a generic return code or message is returned by IMS Connect. The generic return code or message is issued if RACF is used to verify sign-ons from IMS Connect clients and the user ID or password provided is invalid.

Changes to troubleshooting for IMS

For a list of the messages and codes that are new or changed for this enhancement, see the IMS messages and codes row in the table in Documentation changes.

For a complete list of all of the new, changed, and deleted messages, and abend codes in IMS 15, see Message and code changes in IMS 15.

Changes to commands

The UPDATE IMSCON TYPE(CONFIG) command is enhanced to add the RACFGENRC attribute to the SET keyword. You can use the RACFGENRC attribute to define whether a generic return code or message is returned if RACF is used to verify sign-ons from IMS Connect clients and the user ID or password provided is invalid.

The QUERY IMSCON TYPE(CONFIG) command is enhanced to add the RACFGENRC filter to the SHOW keyword. You can use the RACFGENRC filter to query whether a generic return code or message is returned if RACF is used to verify sign-ons from IMS Connect clients and the user ID or password provided is invalid.

For a list of the commands that are new or changed for this enhancement see the IMS commands row in the table in Documentation changes.

Changes to exit routines

The Security Information Block (SAFIB) of the IMS Connect Event Recorder exit routine (HWSTECL0) is enhanced to indicate that a RACF request type is R_PASSWORD.

Documentation changes

The following table lists the publications that contain new or changed topics for the Generic return code enhancement for RACF verifications. Publications that are not impacted by this enhancement are not included in the table.

Table 1. Links to topics that have new or changed content for this enhancement
Publication	Links to topics
Release planning	General planning information for IMS 15 Message and code changes in IMS 15 IMS 15 enhancements IMS 15 system continuous delivery functions Generic return code enhancement for RACF verifications (new) (this topic)
System definition	HWS statement SGNGENRC= parameter for procedures (new)
Communications and connections	IMS Connect support for RACF Enabling generic return codes or message for RACF verifications (new)
IMS messages and codes	DFS messages DFS3649A DFS4865E (new) DFS4866E (new)	HWS messages HWSX0909E	IMS abend codes 0718
IMS commands	IMS commands QUERY IMSCON TYPE(CONFIG) command UPDATE IMSCON TYPE(CONFIG) command
Exit routines	Security Information Block (SAFIB)