PH63652: NEW FUNCTION

Obtain the fix for this APAR.

APAR status

• Closed as new function.

Error description

• New Function
  

Local fix

Problem summary

• ****************************************************************
  * USERS AFFECTED: All Distributed Data Facility (DDF) users.   *
  *                 Specifically users of Db2 System Profile     *
  *                 Monitoring keyword MONITOR product-type      *
  *                 CONNECTIONS FOR SECURITY.                    *
  ****************************************************************
  * PROBLEM DESCRIPTION: This APAR adds new filtering options    *
  *                      to the AUTHID column of the             *
  *                      DSN_PROFILE_TABLE when the KEYWORDS     *
  *                      column of the DSN_PROFILE_ATTRIBUTES    *
  *                      is MONITOR product-type CONNECTIONS     *
  *                      FOR SECURITY.                           *
  ****************************************************************
  Currently, MONITOR product-type CONNECTIONS FOR SECURITY
  keyword can be specified for profiles with a filtering value
  in the LOCATION column of the DSN_PROFILE_TABLE.
  
  Users would like to apply security profile rules more precisely
  by specifying the authorization ID of a monitored user. This
  capability can help discover and enforce secure connectivity
  when the authorization IDs associated with each application are
  known, without knowing the IP addresses from which those
  applications are running. This enables the enforcement of
  stronger security policies across the network in a phased and
  gradual manner.
  

Problem conclusion

Temporary fix

Comments

• This APAR adds filtering options to the AUTHID column of the
  DSN_PROFILE_TABLE for security profiles to include the
  following:
  - A fully specified value
  - A set of characters followed by an asterisk (*) wildcard
  - A single-byte asterisk value ('*') that applies to all
    connections
  For more information about using profiles to monitor remote
  connections for security purposes, see the Db2 for z/OS
  documentation:
  https://www.ibm.com/docs/en/SSEPEK_13.0.0/seca/src/tpc/
  db2z_controlsecureconnectivityprofiles.html
  

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

  UI99588

Modules/Macros

• DSNLJEMG DSNLJHPP DSNLJTIN DSNLTEXC DSNLTSEC DSNT1MST DSNT1RSP
  

Fix information

• Fixed component name

  DB2 OS/390 & Z/

• Fixed component ID

  5740XYR00

Applicable component levels

• RD10 PSY UI99588

     UP25/01/16 P F501  

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.