Defining the CICSPlex SM transactions in a CMAS
If transaction–attach security is active in a CMAS (that is, SEC=YES and XTRAN=YES|classname are specified in the system initialization parameters), you must define to RACF® the CICSPlex® SM transactions that run in a CMAS.
Procedure
- You must define the following CICSPlex SM transactions to RACF:
- BMLT
- LCPP
- LCMU
- LECI
- LECR
- LECS
- LEEI
- LEER
- LEMI
- LEMS
- LENS
- LMIR
- LNCI
- LNCS
- LNMI
- LNMS
- LPDG
- LPLK
- LPLT
- LPRT
- LPSC
- LPSM
- LRLT
- LSGT
- LSRT
- LWTM
- MCCM
- MCTK
- MMEI
- MMIS
- MMST
- PEAD
- PELT
- PMLT
- PNLT
- PPLT
- PRLT
- PRPR
- PSLT
- TICT
- TIRT
- TIST
- TSMH
- TSPD
- TSSC
- TSSJ
- WMCC
- WMGR
- WMLA
- WMQB
- WMQM
- WMQS
- WMSC
- WMWC
- WMWD
- WMWT
- WSCL
- WSLW
- XDBM
- XDNC
- XDND
- XDNE
- XDNR
- XDNS
- XDSR
- XLEV
- XLNX
- XLST
- XMLT
- XQST
- XZLT
A list of these transactions is also contained in the EYU$CDEF member of SEYUSAMP sample library.
- Define security for these transactions as
follows:
- If the CMAS is started by a PLT program, and a user ID is specified on a PLTPIUSR system initialization parameter, ensure that the PLTPIUSR user ID has authority to attach these transactions.
- If the CMAS is started by a PLT program, and no user ID is specified on a PLTPIUSR system initialization parameter, ensure that CICS® region user ID has authority to attach these transactions.
- If the CMAS starts by using the SIT parameter CPSMCONN, and a user ID is specified on a PLTPIUSR system initialization parameter, ensure that the PLTPIUSR user ID has authority to attach these transactions.
- If the CMAS starts by using the SIT parameter CPSMCONN, and no user ID is specified on a PLTPIUSR system initialization parameter, ensure that CICS region user ID has authority to attach these transactions.
- Depending on the security attributes specified for any CMTCMDEF or CMTPMDEF, ensure that any user IDs that might flow from connected CMASs have the authority to attach these transactions.
- Define the following debugging transactions to RACF if transaction security is
active, regardless of the CICS release
running as the CMAS:
- CODB
- COD0
- COD1
- COD2
- COLU
These transactions are associated with a terminal and are supplied for debugging purposes under the guidance of IBM® support personnel. Authority to initiate these transactions must be restricted to only those users who might become involved in working with IBM to resolve CICSPlex SM problems.
- Give users access to the CESD shutdown-assist transaction.
Users who can attach CICSPlex SM transactions or define debugging transactions need access to CESD in case of CMAS failure.
- Allow only users who might need to shut down a CMAS to
access the COSD transaction. The COSD transaction allows a terminal user to shut down a CMAS.