Push-to-client developer groups
z/OS® Explorer clients can pull client configuration files and upgrade information from the host when they connect, ensuring that all clients have common settings and that they are up-to-date.
The client administrator can create multiple client configuration sets and multiple client update scenarios to fit the needs of different developer groups. This allows users to receive a customized setup, based on criteria like membership of an LDAP group or permit to a security profile.
When using definitions in your security database as selection mechanism
(the SAF value is specified for directives in
pushtoclient.properties), z/OS Explorer verifies
access permits to the profiles listed in Table 1 to determine
which developer groups the user belongs to, and whether a user is
allowed to reject updates.
|FACILITY profile||Fixed length||Required access||Result|
|23||READ||Client accepts configuration updates for the specified group|
|24||READ||Client accepts product updates for the specified group|
|30||READ||User can reject configuration updates|
|31||READ||User can reject product updates|
devgroup value matches the group name assigned
to a specific group of developers. Note that the group name is visible
on z/OS Explorer clients.
sysname value matches the system name of the
The “Fixed length” column documents the length of the fixed part of the related security profile.
By default, z/OS Explorer expects
FEK.* profiles to be in the
class. Note that profiles in the
FACILITY class are
limited to 39 characters. If the sum of the length of the fixed profile
FEK.PTC.<key>) and the length of the
site-specific profile part (
exceeds this number you can place the profiles in another class and
instruct z/OS Explorer to
use this class instead. To do so, uncomment
provide the desired class name, for example XFACILIT.
Note that the client administrator must be on the access list of
FEK.PTC.*.ENABLED.* profiles to define and manage
the related push-to-client metadata. This implies that the profiles
must be defined with (at least) the client administrator on the access
list before push-to-client with group support can be implemented.
See “(Optional) pushtoclient.properties, Host-based client control” in the Host Configuration Guide (SC27-8437) for more information about enabling multiple group support. See Push-to-client considerations for more information about push-to-client concepts and implementation.