Step 3.1 ControlM/Analyzer Security Definitions (Optional)
Step 3.2 Functions Security Definitions (Optional)
Step 3.3 Control Program Access to Datasets (Optional)
Select these steps to edit members CTBSTSS2, CTBSTSS3, or CTBSTSS4 in the IOA INSTWORK library.
For information about how to define Control‑M/Analyzer entities and user authorizations to TopSecret, see Control-M/Analyzer Basic Definition Security Calls, and Control-M/Analyzer Extended Definition Security Calls.
TSS ADD(sec-administrator-dept) IBMFAC($$CTB)
Set the sec-administrator-dept parameter to the appropriate value.
All entity names for each Control‑M/Analyzer protected element appear in Control-M/Analyzer Basic Definition Security Calls for Basic Definition mode and Control-M/Analyzer Extended Definition Security Callsfor Extended Definition mode.
Authorizations to access Control‑M/Analyzer datasets are defined during the Control‑M/Analyzer installation process. This step must be completed before proceeding with security implementation. For information about how to grant users access to Control‑M/Analyzer datasets, see the Control‑M/Analyzer chapter in the INCONTROL for z/OS Installation Guide: Installing.
TSS PERMIT(USERA) IBMFAC($$CTBEDM.qname) ACC(READ)
Do not define the $$CTBEDM.qname entity to operate in warning mode because this causes all users to operate in Extended Definition mode.
TSS PERMIT(USERA) IBMFAC($$CTB) ACC(READ)
Set the USERA parameter to the user ID of the Control‑M/Analyzer installer.
This job must be run under the ACID of the general security administrator (SCA) who is authorized to enter these TopSecret commands.
All job steps must end with a condition code of 0.
Parent Topic |