ca.portal.admin

External Security for IDMS Signon

Discussion created by ca.portal.admin on Dec 18, 2006
Latest reply on Dec 18, 2006 by ca.portal.admin
Hi All:

Would anyone care to share their experiences (good and bad) securing
IDMS signon with an external security authority (RACF, ACF2, TSS)?

I'm only interested in SIGNON security, and my particular areas of
interest are (1) performance and (2) use of 24bit storage. Any
information regarding areas of consideration when using IDMS to call CA
Common Services are appreciated in advance!

Thanks,

Tom Schoenborn
T.A. Schoenborn & Associates LLC
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
External Security for IDMS Signon
"Hi All:

Would anyone care to share their experiences (good and bad) securing IDMS signon with an external security authority (RACF, ACF2, TSS)?

I'm only interested in SIGNON security, and my particular areas of interest are (1) performance and (2) use of 24bit storage. Any information regarding areas of consideration when using IDMS to call CA Common Services are appreciated in advance!

Thanks,

Tom Schoenborn
T.A. Schoenborn & Associates LLC
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
Re: External Security for IDMS Signon
"Gary (or anyone else),

When you use RACF for IDMS signon, do you still get the other things
associated with an IDMS signon - user profile, activity classes, etc?
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
Re: [IDMSVENDOR-L] External Security for IDMS Signon
"Gary (or anyone else),

When you use RACF for IDMS signon, do you still get the other things
associated with an IDMS signon - user profile, activity classes, etc?



only if:

1) you define these resource classes and privileges in RACF
2) you configure RHDCSRTT to call externally when such a security check
is needed


sincerely,
anyone else

(kinda like ""the rest"" from season 1 of Gilligan's Island)

The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material. If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
Re: External Security for IDMS Signon
"Kay,

You will need to add the IDMS security pieces separately. One of my clients uses REXX to create the input for both TopSecret and IDMS security.

Bob Wiklund
Tiburon Technologies
623 594-6022

________________________________

From: IDMS 3rd-party providers forum on behalf of Rozeboom, Kay [DAS]
Sent: Mon 12/18/2006 9:03 AM
To: IDMSVENDOR-L@LISTSERV.IUASSN.COM
Subject: Re: External Security for IDMS Signon



Gary (or anyone else),

When you use RACF for IDMS signon, do you still get the other things
associated with an IDMS signon - user profile, activity classes, etc?=20

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
Re: External Security for IDMS Signon
"We secure signon externally through RACF and all else internally.

The only IDMS related RACF definitions we have are users and the
resources in class APPL that Gary mentioned.

We still get profile processing, activity classes, etc. at signon.

Here's the first part of our SRTT:

#SECRTT TYPE=INITIAL
#SECRTT TYPE=ENTRY,
RESTYPE=SGON,
SECBY=EXTERNAL,
EXTCLS='APPL',
EXTNAME=(RESNAME)
#SECRTT TYPE=ENTRY,RESTYPE=SYSA,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=DCA,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=USER,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=GROU,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=UPRF,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=DB,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=DBTB,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=DMCL,SECBY=INTERNAL
#SECRTT TYPE=ENTRY,RESTYPE=ACTI,SECBY=INTERNAL

Outcomes