Perform the following steps to define the required SERVAUTH profiles
on each node to be enabled to use TCP/IP connections:
- Determine whether access to the TCP/IP stack is
protected. If it is, the following resource is protected in the SERVAUTH
class:
EZB.STACKACCESS.sysname.tcpname
______________________________________________________________________
- If the TCP/IP stack is not protected, skip this
step.
If it is protected, add the user ID of the RACF® subsystem to the access list for the TCP/IP
stack:
Example:
PERMIT EZB.STACKACCESS.NODE1.TCPIP CLASS(SERVAUTH) ID(RACFSUB) ACCESS(READ)
Note: If
the TCP/IP stack is protected, do not skip this step even when the
user ID of RACF subsystem has
the TRUSTED or PRIVILEGED attribute on your system.
______________________________________________________________________
- If a SAF name is assigned to the RRSF listener
port in the TCP/IP profile, protect the listener port with a profile
that protects the following resource:
EZB.PORTACCESS.sysname.stack-name.SAF-name
Examples:
RDEFINE SERVAUTH EZB.PORTACCESS.NODE1.TCPIP.RRSF
-or-
RDEFINE SERVAUTH EZB.PORTACCESS.*.*.RRSF
Specify
the SAF name provided by the programmer in Before you begin.
______________________________________________________________________
- Add the user ID of the RACF subsystem to the access list for the RRSF
listener port:
Example:
PERMIT EZB.PORTACCESS.NODE1.TCPIP.RRSF CLASS(SERVAUTH) ID(RACFSUB) ACCESS(READ)
Note: Do
not skip this step even when the user ID of RACF subsystem has the TRUSTED or PRIVILEGED
attribute on your system.
______________________________________________________________________
- Activate your SERVAUTH profile changes, as follows.
- If the SERVAUTH class is not already active, activate and RACLIST
it.
Example:
SETROPTS CLASSACT(SERVAUTH) RACLIST(SERVAUTH)
- If the SERVAUTH class is already active and RACLISTed, refresh
it.
Example:
SETROPTS RACLIST(SERVAUTH) REFRESH
______________________________________________________________________
When you are finished, you have administered the SERVAUTH class
profiles required to enable each RRSF node to use TCP/IP node connections.