Assign started task procedures to user IDs

RMF™ provides three different started tasks. In this step, you define these started tasks to RACF® and assign them to the RMF user IDs.

RDEFINE STARTED RMF.*      STDATA(USER(RMF)      TRUSTED(YES))
RDEFINE STARTED RMFGAT.*   STDATA(USER(RMFGAT)   TRUSTED(YES))
RDEFINE STARTED GPMSERVE.* STDATA(USER(GPMSERVE) TRUSTED(YES))
RDEFINE STARTED GPM4CIM.*  STDATA(USER(GPMSERVE) TRUSTED(YES))
SETROPTS RACLIST(STARTED) REFRESH

The Distributed Data Server uses the IWMSRSRG service to register itself for sysplex routing. This service is an authorized service. Therefore, the calling DDS user ID GPMSERVE must either have the attribute TRUSTED or must have explicit READ access to the BPX.WLMSERVER Facility. Otherwise, the DDS cannot propagate hostname and port number for potential exploiters. If you did not mark the GPMSERVE task as TRUSTED(YES), as shown in the example above, you must grant access for this task to the RACF Facility BPX.WLMSERVER as shown below:

PERMIT  BPX.WLMSERVER CLASS(FACILITY) ID(GPMSERVE) ACCESS(READ)
Parent topic: Specifying access definitions