These environment variables relate to configuring the security and auditing environment.
- ES_CESN_NO_OS390
- Overrides the default behaviour CESN transaction response for invalid user credentials. Default behaviour reports "Your userid
is invalid" or "Your password is invalid".
- Syntax
- Values
- Setting this variable to any value causes CESN to produce an invalid credential message instead of a specific invalid user
or invalid password message.
- Default
Specific invalid user/password messages will be produced.
- ES_DISABLE_DFLTUSR_SIGNON
- Disables the default user ("mfuser") signon when invoking ES Monitor & Control (ESMAC).
- Syntax
ES_DISABLE_DFLTUSR_SIGNON=value
- Values
- Y or
y Having logged on to ES administration via your MFDS internal security account, you no longer receive the auto logon as "mfuser"
when accessing ESMAC.
- Default
- If this is not set,
mfuser will be used as the default user to sign in to ESMAC.
- ES_ESM_PLTPISEC
- The level of security checking for PLTPI processing.
- Syntax
- Values
- NONE - You do not want any security checking on PLT initialization programs.
- CMDSEC - You want CICS to perform command security checking only.
- RESSEC - You want CICS to perform resource security checking only.
- ALL - You want CICS to perform both command and resource security checking.
Default
NONE
- ES_ESM_RCF
- Determines how RACF is used for command authorization
- Syntax
- Values:
- A Includes options T, C, and S.
- C Specifies that RACF is to be used for ETO terminal command authorization.
- N Specifies that no sign-on, transaction, or command authorization is to be performed by RACF.
- S Specifies that RACF is to be used for static and ETO terminal command authorization. Includes option C.
- T Specifies that RACF is to be used for sign-on and transaction authorization.
- Y Includes options T and C.
- Default
- N
- ES_OLD_SEC_TSTD
- Prevents security being enforced for TS or TD queues that are not declared in the security repository.
- Syntax
SET ES_OLD_SEC_TSTD=value
- Values
- Default
- By default security is enforced for TS or TD queues that are not declared in the security repository.
- ES_SURROGATE_JOB_USER
- Associates a user ID with a job when submitting the job for processing through the internal reader from CICS.
Syntax
ES_SURROGATE_JOB_USER=value
- Values
Any value - The user ID that started the ES region is used in the job submission.
Default
By default, the CICS default user CICSUSER, or as specified by
ES_USR_DFLT_CICS, is used in the job submission.
- MF_ROOT_CERT
- Enables the MF Directory Server process and any client applications to pick up the value of the root certificate file.
- MFAUDIT_LOGS
- The location of audit files.