Previous Topic Next topic Print topic


Define Mainframe Access to the Security Subsystem

Use RACF TSO commands to define the Mainframe Access started tasks (MFA, MFAAS and MFAS) and assign a userid and groupid to the tasks. The stcuserid should have appropriate access to the Mainframe Access data sets and should also have a basic OMVS RACF segment defined. At a minimum, the stcuserid OMVS segment must have a UID. The stcgroup must also have an OMVS segment with a GID. The following REDEFINE will provide the necessary definition for all of the started tasks (MFA, MFAAS and MFAS).

RDEFINE STARTED MFA*.* STDATA(USER(stcuserid) GROUP(stcgroup))
   OWNER(stcuserid)
SETROPTS RACLIST(STARTED) REFRESH
  

If you are using another security product such as CA-ACF2 or CA-Top Secret you will need to make similar updates to your security system definitions. MFA, MFAAS and MFAS will need a started task definition with an OMVS segment and they will need access to the SAF API for security subsystem calls. Please refer to your security product documentation.

Previous Topic Next topic Print topic