Configuring the Visual Client
About this task
Procedure
- Go into IBM® Security zSecure Admin on z/OS® ISPF.
- Enter SE (Setup), and select W (Windows configuration).
- Use action AP to create a client and an initial
password. You can also use action A for now and
use action P at a later time. If you use action AP now
and lose or cancel the initial password, or its validity expires before
the client is successfully installed, you can use action P to
generate a new initial password.Figure 1. Configuration screen for the zSecure Visual Windows Client
Menu Options Info Commands Setup ------------------------------------------------------------------------------- zSecure Visual - Configuration Command ===> __________________________________________________ _ start panel 1 1. Add, delete, or install zSecure Visual Windows client Server . . . . . . IP01 (IP or DNS) Server base port . 8000____ (IP base port of server) Act Agent id AP 12.1. 100_______ Act must be A, D, P, C, AP (A=add D=delete C=cancel pwd P=new pwd)Your TSO session does not have to be on the system where the server is active. Consequently, you must select the server by a resolvable DNS name or IP address and port number.
If you specify an IP address, ensure that you use the same IP address that your clients will use.Note: Do not use these addresses:- Loopback address
- Do not use because every stack has its own copy of the loopback address.
- Dynamic VIPA address
- Do not use because such an address might move between stacks or even between z/OS images.
You must identify the client by its client ID. The client ID must match the ID that is used in the Server definition dialog on the client.
- You are prompted to enter a userid and corresponding password: Figure 2. Userid and password configuration for zSecure Visual Windows client
Menu Options Info Commands Setup ------------------------------------------------------------------------------- zSecure Visual - Configuration Command ===> __________________________________________________ start panel 1 1. Add, delete, or install zSecure Visual Windows client +-----------------------------------------------------------+ Server | | or DNS) Server | | of server) | Enter userid and password | Act Ag | | AP 12 | Userid . . . . ADMIN | | Password . . . | | | +-----------------------------------------------------------+ Act must be A, D, P, C, AP (A=add D=delete C=cancel pwd P=new pwd)If the logon is successful and the client exists, you receive the initial password that you must supply in the Server definition dialog on the client side. The initial password has a limited validity of seven days, or the duration of the server run. For cancelation of the password before its validity expires, see Canceling a password.
If the password generation fails, a general error message is displayed in the right upper corner of the screen. A more descriptive error message is also displayed. For problem diagnosis see SE.W communication problems.
- Install the client on the personal computer by following
the instructions in the IBM Security zSecure Visual: Client Manual. The new client can be installed next to a previous release.
Customization of the previous release is not used by the new release.
However, you can copy previously defined servers, including their
certificates, as described in the IBM Security zSecure Visual: Client Manual.Note: When upgrading a 1.x server, existing certificates will automatically be converted to the new encryption standard for 2.x servers. It is not possible to create new certificates for a 1.x client on a 2.3.0 server.
Results
If the server behaves in an unexpected way, you can review the files in the log directory:
- bbracf.log, server.log
- These files provide information about the latest run of the server.
- bbracf.log0, ..., bbracf.log9
- These log history files correspond to previous runs of the server. There can be up to 10 log history files.
For additional information about debugging zSecure Visual client issues, see the IBM Security zSecure Visual: Client Manual