Customizing the Z Data Tools security environment
Z Data Tools provides security for system-oriented functions through RACF® (or an equivalent security product).
If RACF® or an equivalent security product is active, the System Authorization Facility (SAF) with the Z Data Tools enhanced security facility is used for access control and authorization verification. Authorization is controlled by Z Data Tools-specific profiles in the FACILITY class. See Setting up the security environment by using RACF or an equivalent security product for information on defining profiles. If you use another security product than RACF®, consult the documentation for your product to determine how to define the FILEM facility to your product.
As a minimum, you should:
- Define the following
profiles:
RDEFINE FACILITY FILEM.DISK.* UACC(READ) or NONE RDEFINE FACILITY FILEM.DISK.FULLPACK UACC(NONE) RDEFINE FACILITY FILEM.LOADMOD.UPDATE UACC(READ) or NONE RDEFINE FACILITY FILEM.TAPE.* UACC(READ) or NONE RDEFINE FACILITY FILEM.TAPE.BLP UACC(NONE) RDEFINE FACILITY FILEM.VSAM.* UACC(READ) or NONE RDEFINE FACILITY FILEM.OAM.* UACC(READ) or NONE RDEFINE FACILITY FILEM.OTHER.ALL UACC(READ) or NONE - Define data set profiles for data sets allocated to HFMAUTH DD with UACC(NONE). For more details, see Preparing for Z Data Tools Remote Services.
- Set up your storage management routines so that data sets allocated to HFMAUTH DD are encrypted. For more details, see Preparing for Z Data Tools Remote Services.
- Transition from the use of *PASSWORD=REMEMBER to *PASSWORD=PASSTICKET in ZDT/CICS. *PASSWORD=REMEMBER will be deprecated in a future release. See sections Checklist for installing and customizing Z Data Tools to access CICS resources and Modifying and submitting HFM3INST and HFM3PRFD for further details.