Implementing a CA-ACF2 Environment

When assembling both the stage 1 signon exit and the stage 2 security exit, you must provide the following data definition (DD) statements.

  1. For the assembly step, ensure that the SYSLIB concatenation contains the following information:
    //         DD   DSN=$CD.SDGAMAC
    //         DD   DSN=SYS1.MODGEN
    //         DD   DSN=SYS1.MACLIB
  2. Replace $CD with the high-level qualifier for your IBM® Connect:Direct® data sets.
  3. For the link-edit step, provide the following DD statements.
    //         DD     DSN=SYS1.ACFAMOD
    //         DD     DSN=$CD.SDGALINK
    Note: You must have the High-Level Assembler for correct assembly. Do not specify NOALIGN as an option. The correct option is ALIGN.
  4. Specify the IBM Connect:Direct DTF logon ID (LID) with the following attributes:
    LID Attribute Comment
    MUSASS Required for ACF2.
    NON-CNCL Only required if you are not running DGAMGSAF.
    NO-SMC Required.
    SECURITY Only required if NEWPASS=YES is specified for the stage 2 security exit.
    ACCOUNT Only required if NEWPASS=YES is specified for the stage 2 security exit.
    JOBFROM Only required if the Run Job statement is allowed and the Run Job exit is active.
    STC Required if IBM Connect:Direct is run as a started task.
    RESTRICT Optional.
    PROMPT Optional. Enables IBM Connect:Direct to receive prompts from the operating system. For example, with the PROMPT attribute, IBM Connect:Direct receives a prompt for the password of a password protected data set if it was not supplied in the COPY statement DSN=filename/password.

    If you are executing IBM Connect:Direct as a started task, CA-ACF2 monitors started tasks and the IBM Connect:Direct logon ID specifies STC=YES. See the GSO OPTS field STC/NOSTC in the CA-ACF2 Administrator's Guide for more information.

    If you are using the program-pathing facility of CA-ACF2 that requires that the user logon ID be defined with the RESTRICT and SUBAUTH attributes, then the program name specified in the PROGRAM attribute for the user logon ID must be BPXPTATT for IBM Connect:Direct authorization.

    The SAF interface requires definitions (SAFDEF) for both BPXPTATT and DGADRNT$.