Steps for controlling whether an application can bind to create a DVIPA within a specific VIPARANGE subnet
You can define a System Authorization Facility (SAF) resource profile in the SERVAUTH class to control which applications can bind to create dynamic VIPAs (DVIPAs) within a specific VIPARANGE subnet.
Procedure
Perform the following steps to control whether an application can bind to create a DVIPA within a specific VIPARANGE subnet for use by only that application:
Results
In this example, sysname is the name of the MVS™ system, userid is the user ID that is associated with the application, and tcpname is the job name of the TCP/IP started task. For information about how the job name for a started task, such as TCP/IP, is determined, see Steps for controlling which applications can bind to create a DVIPA.
- If the SAF parameter is specified and the user ID has READ access to the resource, then the bind is processed.
- If the SAF parameter is specified and the user ID does not have READ access to the resource, then the bind fails.
- If the SAF parameter is specified but the resource profile is not defined, then the bind fails.
- All of the following profile specifications that include wildcard
values match the EZB.BINDDVIPARANGE.sysname.tcpname.resname resource profile name:
- EZB.BINDDVIPARANGE.*.*
- EZB.BINDDVIPARANGE.**
- EZB.BINDDVIPARANGE.*.*.*
The most specific match to a resource profile is always used.