Subject: RE: DTSECTAB
From: Henry, Bob (Bob.Henry@sungardhe.com)
Date: Wed Nov 11 2009 - 15:57:55 EST
So the bottom line is I may not have VSE SEC=YES turned on when VSE was installed. Is that correct?
From: owner-vse-l@Lehigh.EDU [mailto:owner-vse-l@Lehigh.EDU] On Behalf Of Kevin Corkery
Sent: Wednesday, November 11, 2009 3:39 PM
To: VSE Discussion List
Subject: RE: DTSECTAB
Actually, CICS SEC=YES tells CICS/TS to use RACROUTE to send security authorizations requests to the BSM partition. BSM provides the responses to CICS/TS that it would expect to receive from RACF (or similar security manager). The CICS security maintenance screens populate the information used by the BSM to accomplish this.
________________________________
From: owner-vse-l@Lehigh.EDU [mailto:owner-vse-l@Lehigh.EDU] On Behalf Of Henry, Bob
Sent: Wednesday, November 11, 2009 3:12 PM
To: VSE Discussion List
Subject: RE: DTSECTAB
I knew there was a CICS SEC=YES, but I also assumed that VSE SEC=YES was implemented by the fact that SECSERV was running in partition FB. I guess if I had thought a little more I would have realized the ICCF and IESI transaction codes were controlled by CICS SEC=YES. The fact remains that I see no DTSECTAB phase in IJSYSRS.SYSLIB and I can get to what I think are protected resources. Does that mean VSE SEC=YES is not installed?
From: owner-vse-l@Lehigh.EDU [mailto:owner-vse-l@Lehigh.EDU] On Behalf Of industrynews@winwholesale.com
Sent: Wednesday, November 11, 2009 3:03 PM
To: VSE Discussion List
Subject: Re: DTSECTAB
owner-vse-l@Lehigh.EDU wrote on 11/11/2009 01:54:56 PM:
> First off, I didn't install the VSE (4.1) system so I don't know the
> complete BSM background. From what I can tell, SEC=YES was used
> because the BSM is running in FB and when I added a new PROG user a
> couple days ago I was "not authorized" to use ICCF and the IESI
> transaction code until I added the user to the appropriate groups.
Well, don't get VSE SEC=YES confused with CICS SEC=YES. The two are not the same -- even if related. The issue you experienced is related to CICS SEC=YES but is NOT related to VSE SEC=YES. To use CICS SEC=YES, no DTSECTAB is required at all. VSE SEC=YES (and DTSECTAB, by association) is only required for VSE library and batch security. CICS is a separate issue. Did that clear anything up? ...or, did you already know this much?
Sincerely,
Dave Clark
WinWholesale Group Services
3110 Kettering Boulevard
Dayton, Ohio 45439 USA
(937) 294-5331
This email message and any attachments is for use only by the named addressee(s) and may contain confidential, privileged and/or proprietary information. If you have received this message in error, please immediately notify the sender and delete and destroy the message and all copies. All unauthorized direct or indirect use or disclosure of this message is strictly prohibited. No right to confidentiality or privilege is waived or lost by any error in transmission.
This archive was generated by hypermail 2b25 : Sun Nov 22 2009 - 16:20:07 EST