During sign-on processing, CICS® issues a request to RACF® to verify the
user's password, and to check whether the user is allowed to access that
terminal. This check is also performed for the userid specified for preset
security terminal definitions. Autoinstalled consoles that are using automatic
sign-on are treated as though they have a preset security definition (see
Preset terminal security). If the terminal is not defined to RACF, RACF responds to
CICS according to the system-wide RACF option specified by the SETROPTS command.
The options are as follows:
- TERMINAL(READ)
- With this option in force, terminal users can sign on at any terminal
covered by a profile to which they have been permitted access, or at any terminal
not defined as protected by RACF.
- TERMINAL(NONE)
- With this option in force, terminal users can sign on at only those
terminals with specific terminal profiles defined to RACF, and which they
are authorized to use.
Note: The TERMINAL class does not control access from MVS consoles. These
are controlled by the CONSOLE resource class. See
Console profiles.
You can override the system-wide terminal options at the RACF group level
by means of the group terminal options, TERMUACC or NOTERMUACC.
See Universal access authority for undefined terminals for more information about the SETROPTS command
for terminals, and about the TERMUACC|NOTERMUACC option on groups.