Specifying the CICS region user ID
When you start a CICS® region (either as a job or as a started task) in an MVS™ environment that has RACF® installed, the job or task is associated with a user ID, referred to as the CICS region user ID. The authority associated with this user ID determines which RACF-protected resources the CICS region can access.
- As a started task
- In the RACF started procedures table, ICHRIN03, when you
start CICS as a started task using the MVS
START command. See Authorizing CICS procedures to run under RACF.
However, do not assign the trusted or privileged attributes to CICS entries in the started procedures table. For more information, see the description of associating MVS started procedures with user IDs in the z/OS® Security Server RACF System Programmer's Guide.
- As a started job
- In a STARTED general resource class profile, on the user parameter of the STDATA segment.
- As a job
- On the USER parameter of the JOB statement when you start CICS as a JOB.
To ensure the authorizations for different CICS regions are properly differentiated, run each with a unique region user ID. For example, the user ID under which you run the production CICS regions to process payroll and personnel applications should be the only CICS user ID authorized to access production payroll and personnel data sets.