If transaction–attach security is active in a CMAS (that is, SEC=YES and XTRAN=YES∨classname are specified in the system initialization parameters), you must define to RACF® the CICSPlex® SM transactions that run in a CMAS. The following is a list of the transaction IDs that you must define to RACF for CICSPlex SM.
|
|
|
|
The region userid, and any userid that may be specified on the PLTPIUSR system initialization parameter, must have authority to attach these transactions. In addition, and depending on the security attributes specified for any CMTCMDEF or CMTPMDEF, any userids which may flow from connected CMASs should have authority to attach these transactions. See Overview of intercommunication security for information on intercommunication security. For information about creating a CMAS to CMAS link definition, see CICSPlex System Manager Administration.
CODB
COD0
COD1
COD2
COLU
They must be defined to RACF if transaction security is active, regardless of the CICS release running as the CMAS. Authority to initiate these transactions should be restricted to only those users who may become involved in working with IBM to resolve CICSPlex SM problems.
Give users access to the CESD shutdown-assist transaction.
Users who can attach CICSPlex SM transactions or define debugging
transactions need access to CESD in case of CMAS failure.
The COSD transaction allows a terminal user to shut down a CMAS. Access to this transaction should be granted only to those users who may need to shut down a CMAS