To set up external security for transactions, files, and PSBs, using IBM-supplied resource classes with prefixing, take the steps described in this section.
Before you define a profile, you must activate the relevant classes, using the SETROPTS CLASSACT and SETROPTS GENERIC commands, as described in Summary of RACF commands.
To ensure the least interruption to actual business processes, work in a test region first.
RDEFINE TCICSTRN CICS1.transaction-name UACC(NONE) NOTIFY(userid)
RDEFINE FCICSFCT CICS1.file-name UACC(NONE) NOTIFY(userid)
RDEFINE PCICSPSB CICS1.PSB-name UACC(NONE) NOTIFY(userid)
PERMIT CICS1.transaction-name CLASS(TCICSTRN) ACCESS(READ)
ID(userid or groupid)
PERMIT CICS1.file-name CLASS(FCICSFCT) ACCESS(READ)
ID(userid or groupid)
PERMIT CICS1.PSB-name CLASS(PCICSPSB) ACCESS(READ)
ID(userid or groupid)
SEC=YES XTRAN=YES XCMD=NO
SECPRFX=YES XFCT=YES XDB2=NO
XPSB=YES XDCT=NO
XJCT=NO
XPCT=NO
XPPT=NO
XTST=NO
XUSER=NO
XAPPC=NO