Additional steps for enabling the administrative task scheduler and administrative enablement routines

The administrative task scheduler routines are Db2-supplied routines that enable you to schedule work. The administrative enablement routines are Db2-supplied routines that enable you to execute administrative work immediately.

Before you begin

Before you complete these steps, set up WLM application environments for the administrative task scheduler and administrative enablement routines, and either install the Db2-supplied routines during migration or install the Db2-supplied routines during installation.
Recommendation: If you do not have a WLM environment defined to run these routines, use Db2 core WLM environment DSNWLM_GENERAL, except as follows:
  • ADMIN_COMMAND_DSN - Use DSNWLM_REXX
  • ADMIN_COMMAND_UNIX - Use DSNWLM_PGM_CONTROL
  • ADMIN_INFO_SYSLOG - Use DSNWLM_REXX
  • ADMIN_INFO_SYSPARM - Use DSNWLM_NUMTCB1
  • ADMIN_JOB_CANCEL - Use DSNWLM_PGM_CONTROL
  • ADMIN_JOB_FETCH - Use DSNWLM_PGM_CONTROL
  • ADMIN_JOB_QUERY - Use DSNWLM_PGM_CONTROL
  • ADMIN_JOB_SUBMIT - Use DSNWLM_PGM_CONTROL
  • ADMIN_UPDATE_SYSPARM - Use DSNWLM_REXX
  • ADMIN_UTL_MONITOR - Use DSNWLM_PGM_CONTROL

About this task

The following routines are administrative task scheduler routines:

  • ADMIN_TASK_ADD
  • ADMIN_TASK_CANCEL
  • ADMIN_TASK_LIST
  • ADMIN_TASK_OUTPUT
  • ADMIN_TASK_REMOVE
  • ADMIN_TASK_STATUS
  • ADMIN_TASK_UPDATE

The following routines are administrative enablement routines:

  • ADMIN_COMMAND_DB2
  • ADMIN_COMMAND_DSN
  • ADMIN_COMMAND_MVS
  • ADMIN_COMMAND_UNIX
  • ADMIN_DS_BROWSE
  • ADMIN_DS_DELETE
  • ADMIN_DS_LIST
  • ADMIN_DS_RENAME
  • ADMIN_DS_SEARCH
  • ADMIN_DS_WRITE
  • ADMIN_EXPLAIN_MAINT
  • ADMIN_INFO_HOST
  • ADMIN_INFO_SMS
  • ADMIN_INFO_SQL
  • ADMIN_INFO_SSID
  • ADMIN_INFO_SYSLOG
  • ADMIN_INFO_SYSPARM
  • ADMIN_JOB_CANCEL
  • ADMIN_JOB_FETCH
  • ADMIN_JOB_QUERY
  • ADMIN_JOB_SUBMIT
  • ADMIN_UPDATE_SYSPARM
  • ADMIN_UTL_EXECUTE
  • ADMIN_UTL_MODIFY
  • ADMIN_UTL_MONITOR
  • ADMIN_UTL_SCHEDULE
  • ADMIN_UTL_SORT

Procedure

To enable the administrative task scheduler and administrative enablement routines:

  1. In the JCL for starting the WLM-established address space for running the stored procedures whose load module must reside in an APF-authorized library, ensure that all libraries in the STEPLIB DD concatenation are APF-authorized.
  2. Take the following steps, which are required because the started task module, DSNADMT0, of the administrative task scheduler switches users by using the pthread_security_np() function of z/OS UNIX System Services:
    1. Ensure that the started task user (STARTUID) has READ access to the BPX.SERVER FACILITY class profile by taking the action that is recommended in the following table.
      The action that you take depends on whether the BPX.SERVER is defined and whether the STARTUID is a superuser.
      Table 1. Ensuring that the STARTUID has READ access to the BPX.SERVER FACILITY class profile
      Is the BPX.SERVER in FACILITY class defined? Is the STARTUID a superuser? Actions to take
      No No

      1. Define the BPX.SERVER class profile in the FACILITY class.

      2. Permit STARTUID READ access to this profile.
      No Yes No action required
      Yes n/a Permit STARTUID READ access to resource profile BPX.SERVER in the FACILITY class.
    2. Ensure that the scheduler program is program controlled by taking one of the following actions:
      • Define the scheduler program to RACF program control, by customizing and running job step DSNADSR in job DSNTIJRA.
      • Define the BPX.DAEMON.HFSCTL class profile in the FACILITY class, and permit STARTUID READ access to this profile.
  3. If the BPX.DAEMON facility class is active and the BPX.DAEMON.HFSCTL facility class is not defined, perform the following actions for the stored procedures that must be registered to RACF® program control.
    The stored procedures that require RACF program control are:
    • ADMIN_COMMAND_UNIX
    • ADMIN_JOB_CANCEL
    • ADMIN_JOB_FETCH
    • ADMIN_JOB_QUERY
    • ADMIN_JOB_SUBMIT
    1. Customize and run job step DSNADER in job DSNTIJRA to define the security environment for these stored procedures. You need to uncomment job step DSNADER before you run job DSNTIJRA. You do not need to run any other job steps in job DSNTIJRA.
    2. Ensure that you have a WLM environment for these stored procedures that meets the following requirements:
      • The WLM-established stored procedure address space loads only controlled programs.
      • In the JCL for starting the WLM-established address space for running these stored procedures, ensure that all libraries in the STEPLIB DD concatenation are APF-authorized.
      • The name of this environment must match the WLMENV parameter value in the configuration control statement for each stored procedure in job DSNTIJRT.