An installation can define and protect the use of extended MCS
consoles through a security product like RACF®. To define a user to RACF and control the use of the console, consider
the following:
- Arrange with the RACF security
administrator to define a RACF profile
for the user of the extended MCS console.
For an interactive TSO/E
user, the security or TSO/E administrator can use RACF commands to permit the user to issue the
TSO/E CONSOLE command. To customize the use of the TSO/E CONSOLE
command, the user can use the TSO/E operator presentation sample defined
as a series of Interactive System Productivity Facility (ISPF) panels
in SYS1.SAMPLIB. The SYS1.SAMPLIB member name that contains documentation
for the TSO/E operator presentation sample is IEATOPSD.
For
an MVS™ application program, the
administrator can use RACF commands
to protect the use of the MCSOPER macro. In the RACF profile, the administrator defines the
name of the extended MCS console that the application must specify
on the MCSOPER macro.
- Ensure that the TSO/E user or application that acts as an extended
MCS console has the proper console attributes.
In the RACF profile for the TSO/E user
or for the MCSOPER name that the application uses to activate the
console, the RACF security
administrator can specify the console attributes. An application
program can use MCSOPER instead of RACF to
specify these console attributes. If both RACF and MCSOPER define console attributes for
an extended MCS console, MCSOPER values override the RACF values.
Controlling extended MCS consoles using RACF describes examples of defining RACF user profiles for an extended
MCS console.