RE: DTSECTAB

Subject: RE: DTSECTAB
From: Kevin Corkery (kcorkery@live.com)
Date: Wed Nov 11 2009 - 15:38:34 EST

• Next message: Frank M. Ramaekers: "RE: Using Virtual Tape with Shared Power Queues"
• Previous message: Kevin Corkery: "RE: deleteing dumps from dump library"
• In reply to: Henry, Bob: "RE: DTSECTAB"
• Next in thread: Henry, Bob: "RE: DTSECTAB"
• Reply: Kevin Corkery: "RE: DTSECTAB"

Actually, CICS SEC=YES tells CICS/TS to use RACROUTE to send security
authorizations requests to the BSM partition.  BSM provides the responses to
CICS/TS that it would expect to receive from RACF (or similar security
manager).  The CICS security maintenance screens populate the information
used by the BSM to accomplish this.  

  _____  

From: owner-vse-l@Lehigh.EDU [mailto:owner-vse-l@Lehigh.EDU] On Behalf Of
Henry, Bob
Sent: Wednesday, November 11, 2009 3:12 PM
To: VSE Discussion List
Subject: RE: DTSECTAB



I knew there was  a CICS SEC=YES, but I also assumed that VSE SEC=YES was
implemented by the fact that SECSERV was running in partition FB. I guess if
I had thought a little more I would have realized the ICCF and IESI
transaction codes were controlled by CICS SEC=YES. The fact remains that I
see no DTSECTAB phase in IJSYSRS.SYSLIB and I can get to what I think are
protected resources. Does that mean VSE SEC=YES is not installed?

 

 

From: owner-vse-l@Lehigh.EDU [mailto:owner-vse-l@Lehigh.EDU] On Behalf Of
industrynews@winwholesale.com
Sent: Wednesday, November 11, 2009 3:03 PM
To: VSE Discussion List
Subject: Re: DTSECTAB

 

owner-vse-l@Lehigh.EDU wrote on 11/11/2009 01:54:56 PM:
> First off, I didn't install the VSE (4.1) system so I don't know the
> complete BSM background. From what I can tell, SEC=YES was used 
> because the BSM is running in FB and when I added a new PROG user a 
> couple days ago I was "not authorized" to use ICCF and the IESI 
> transaction code until I added the user to the appropriate groups. 

        Well, don't get VSE SEC=YES confused with CICS SEC=YES.  The two are
not the same -- even if related.  The issue you experienced is related to
CICS SEC=YES but is NOT related to VSE SEC=YES.  To use CICS SEC=YES, no
DTSECTAB is required at all.  VSE SEC=YES (and DTSECTAB, by association) is
only required for VSE library and batch security.  CICS is a separate issue.
Did that clear anything up?  ...or, did you already know this much? 

Sincerely,

Dave Clark

WinWholesale Group Services
3110 Kettering Boulevard
Dayton, Ohio  45439  USA
(937) 294-5331


This email message and any attachments is for use only by the named
addressee(s) and may contain confidential, privileged and/or proprietary
information. If you have received this message in error, please immediately
notify the sender and delete and destroy the message and all copies. All
unauthorized direct or indirect use or disclosure of this message is
strictly prohibited. No right to confidentiality or privilege is waived or
lost by any error in transmission. 

• Next message: Frank M. Ramaekers: "RE: Using Virtual Tape with Shared Power Queues"
• Previous message: Kevin Corkery: "RE: deleteing dumps from dump library"
• In reply to: Henry, Bob: "RE: DTSECTAB"
• Next in thread: Henry, Bob: "RE: DTSECTAB"
• Reply: Kevin Corkery: "RE: DTSECTAB"

This archive was generated by hypermail 2b25 : Sun Nov 22 2009 - 16:35:07 EST