Define a user for AZF web services AZF#IN01 started task
Define a user for the AZF web services AZF#IN01 started task. In this document, AZFWEB is the user.
Procedure
-
Define a user for the AZF web services started task with the following properties:
- No passphrase or password
- Owned by a suitable started task group
- PROTECTED
- No TSO segment
- An OMVS segment with a unique user ID
USER=AZFWEB NAME=STCFORMFA OWNER=STCGROUPCREATED=15.257 DEFAULT-GROUP=STCGROUP PASSDATE=N/A PASS-INTERVAL=N/A PHRASEDATE=N/A ATTRIBUTES=PROTECTED REVOKEDATE=NONE RESUMEDATE=NONE LAST-ACCESS=15.282/13:36:54 CLASS AUTHORIZATIONS=NONE NO-INSTALLATION-DATA NO-MODEL-NAME LOGON ALLOWED (DAYS) (TIME) --------------------------------------------- ANYDAY ANYTIME GROUP=STCGROUP AUTH=USE CONNECT-OWNER=STCGROUP CONNECT-DATE=15.257 CONNECTS=123 UACC=NONE LAST-CONNECT=15.282/13:36:54 CONNECT ATTRIBUTES=GRPACC REVOKE DATE=NONE RESUME DATE=NONE SECURITY-LEVEL=NONE SPECIFIED CATEGORY-AUTHORIZATION NONE SPECIFIED SECURITY-LABEL=NONE SPECIFIED NO TSO INFORMATION OMVS INFORMATION ---------------- UID= 0000015101 CPUTIMEMAX= NONE ASSIZEMAX= NONE FILEPROCMAX= NONE PROCUSERMAX= NONE THREADSMAX= NONE MMAPAREAMAX= NONE
- Save the change.
-
To verify the user information, you can use a command such as the following:
LU AZFWEB OMVS
-
If you want to audit successful authentications by SMF record type 83 subtype 7 records, you
must specify UAUDIT attributes for the started task user ID. See IBM MFA SMF Record type 83 subtype 7 records for information on SMF record type 83 subtype 7 records. See
z/OS Security Server RACF Macros and Interfaces for information on SMF
records.
Note: Authentication failures always result in the generation of SMF type 83 subtype 7 records.