Ir para a página of
Manuais similares
-
Server
IBM 6.00E+04
233 páginas 0.94 mb -
Server
IBM eServer System x3650 M3 7945K3G
21 páginas -
Server
IBM OS/390
76 páginas 0.51 mb -
Server
IBM Flex System x240
1 páginas -
Server
IBM System x3850 X5
20 páginas -
Server
IBM 71453RU
150 páginas 11.35 mb -
Server
IBM System x x3850 X5
23 páginas -
Server
IBM 000-8697
702 páginas 4.14 mb
Bom manual de uso
As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto IBM OS/390. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoIBM OS/390 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.
O que é a instrução?
A palavra vem do latim "Instructio" ou instruir. Portanto, no manual IBM OS/390 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.
Infelizmente, pequenos usuários tomam o tempo para ler o manual IBM OS/390, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.
Então, o que deve conter o manual perfeito?
Primeiro, o manual IBM OS/390 deve conte:
- dados técnicos do dispositivo IBM OS/390
- nome do fabricante e ano de fabricação do dispositivo IBM OS/390
- instruções de utilização, regulação e manutenção do dispositivo IBM OS/390
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes
Por que você não ler manuais?
Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque IBM OS/390 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos IBM OS/390 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço IBM na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas IBM OS/390, como para a versão papel.
Por que ler manuais?
Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo IBM OS/390, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.
Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual IBM OS/390. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação
Índice do manual
-
Página 1
OS/390 IBM Security Server (RACF) Planning: Installation and Migration GC28-1920-03[...]
-
Página 2
[...]
-
Página 3
OS/390 IBM Security Server (RACF) Planning: Installation and Migration GC28-1920-03[...]
-
Página 4
Note Before using this information and the product it supports, be sure to read the general information under “Notices” on page vii. Fourth Edition, September 1997 This is a major revision of GC28-1920-02. This edition applies to Version 2 Release 4 of OS/390 (5647-A01) and to all subsequent releases and modifications until otherwise indicated [...]
-
Página 5
Contents Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix About This Book .................................... x i Who Should Use This Book ............................... x i How to Use This Book ..............[...]
-
Página 6
SYS1.SAMPLIB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Publications Library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Chapter 4. Planning Considerations . . . . . . . . . . . . . . . . . . . . . . . 21 Migration Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .[...]
-
Página 7
Figures 1. New Callable Services ............................. 1 1 2. Changed Callable Services ........................... 1 2 3. New Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 4. Changes to RACF Commands ......................... 1 3 5. Changes to PSPI Data Areas ......................... 1 6 6. Changed Execu[...]
-
Página 8
vi OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 9
Notices References in this publication to IBM products, programs, or services do not imply that IBM intends to make these available in all countries in which IBM operates. Any reference to an IBM product, program, or service is not intended to state or imply that only IBM's product, program, or service may be used. A functionally equivalent pr[...]
-
Página 10
viii OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 11
Trademarks The following terms are trademarks of the IBM Corporation in the United States or other countries or both: AIX/6000 BookManager CICS CICS/ESA DB2 DFSMS FFST FFST/MVS IBM IBMLink IMS Library Reader MVS/ESA MVS/XA NetView OpenEdition OS/2 OS/390 Parallel Sysplex ?[...]
-
Página 12
x OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 13
About This Book This book contains information about the Resource Access Control Facility (RACF), which is part of the OS/390 Security Server. The Security Server has two components: RACF OpenEdition DCE Security Server For information about the OpenEdition DCE Security Server, see the publications related to that component. This book provi[...]
-
Página 14
Chapter 6, “Customization Considerations” on page 29, highlights information about customizing function to take advantage of new support after the new release of RACF is installed. Chapter 7, “Administration Considerations” on page 31, summarizes changes to administration procedures for the new release of RACF. Chapter 8, “Aud[...]
-
Página 15
RACF Courses The following RACF classroom courses are also available: Effective RACF Administration, H3927 MVS/ESA RACF Security Topics, H3918 Implementing RACF Security for CICS/ESA, H3992 IBM provides a variety of educational offerings for RACF. For more information on classroom courses and other offerings, see your IBM representative[...]
-
Página 16
Other Sources of Information IBM provides customer-accessible discussion areas where RACF may be discussed by customer and IBM participants. Other information is available through the Internet. IBM Discussion Areas Two discussion areas provided by IBM are the MVSRACF discussion and the SECURITY discussion. MVSRACF MVSRACF is available to custom[...]
-
Página 17
You can get sample code, internally-developed tools, and exits to help you use RACF. All this code works in our environment, at the time we make it available, but is not officially supported. Each tool or sample has a README file that describes the tool or sample and any restrictions on its use. The simplest way to reach this code is through the RA[...]
-
Página 18
xvi OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 19
Summary of Changes | Summary of Changes | for GC28-1920-03 | OS/390 Version 2 Release 4 | This book contains primarily new information for OS/390 Version 2 Release 4 | Security Server (RACF). When any information appeared in an earlier release, the | information that is new is indicated by a vertical line to the left of the change. Summary of Chang[...]
-
Página 20
xviii OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 21
Chapter 1. Planning for Migration This chapter provides information to help you plan your installation's migration to the new release of OS/390 Security Server (RACF). Before attempting to migrate, you should define a plan to ensure a smooth and orderly transition. A well thought-out and documented migration plan can help minimize any interrup[...]
-
Página 22
Installation Considerations Before installing a new release of RACF, you must determine what updates are needed for IBM-supplied products, system libraries, and non-IBM products. (Procedures for installing RACF are described in the program directory shipped with OS/390, not in this book.) Be sure you include the following steps when planning your p[...]
-
Página 23
Auditing Considerations Auditors who are responsible for ensuring proper access control and accountability for their installation are interested in changes to security options, audit records, and report generation utilities. For more information, see Chapter 8, “Auditing Considerations” on page 33. Application Development Considerations Applica[...]
-
Página 24
4 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 25
Chapter 2. Release Overview This chapter lists the new and enhanced functions of RACF for OS/390 Release 4 and gives a brief overview of each new function or function enhancement. New and Enhanced Support For OS/390 Release 4, RACF provides: Support for the RACF/DB2 external security module Additional auditing of OpenEdition superusers stat[...]
-
Página 26
Enhancements to Support for OpenEdition Services Enhancements to RACF's support for OpenEdition services include: Extended ability to audit the use of superuser status Default USER/GROUP support provided by APAR OW26800 Extended Ability to Audit the Use of Superuser Status This support allows the auditing of the new OpenEdition spawn s[...]
-
Página 27
The getUMAP and getGMAP services also look for default values. If getUMAP is given a UID as input and the corresponding USER profile has no OMVS segment, the caller of the getUMAP service receives the default. If no default value is found, RACF return code 8, reason code 4 are returned by the getUMAP service. If a UID is passed to getUMAP, then it [...]
-
Página 28
The ALTUSER command allows an administrator to reset a user's password to a temporary password or a default value. This command is modified to save the old password whenever the password is reset. The PASSWORD USER ( userid ) command provides users and administrators with a password reset function. This command is modified to save the [...]
-
Página 29
system. This support provides a solution to many customers that find themselves in such a situation. The PERMIT command has a new keyword to add users and groups to the conditional access list, WHEN(SYSID(...)). This keyword is allowed only for the PROGRAM class. WHEN(SYSID(...)) is similar to the existing keywords WHEN(TERMINAL(...)), WHEN(PROGRAM[...]
-
Página 30
Enable/Disable Changes OS/390 Version 2 Release 4 has a new product ID that affects the enable/disable function in all of its elements including the Security Server. The ID() value used in the IFAPRDxx parmlib member needs to be "5647-A01". The remainder of the parameters remain the same. Without this necessary change to the ID() paramete[...]
-
Página 31
Chapter 3. Summary of Changes to RACF Components for OS/390 Release 4 This chapter summarizes the new and changed components of OS/390 Release 4 Security Server (RACF). It includes the following summary charts for changes to the RACF: Callable Services Class descriptor table (CDT) Commands Data Areas Exits Macros Message[...]
-
Página 32
Figure 2. Changed Callable Services Callable Service Name Description Support initUSP If no OMVS segment is found in the user's profile, the initUSP service checks the BPX.DEFAULT.USER profile in the FACILITY class. This profile may contain a user ID in its application data field that provides a default OMVS segment. If this default is fou[...]
-
Página 33
Figure 3. New Classes Name Description Support DSNADM DB2 administrative authority class DB2 GDSNBP Grouping class for buffer pool privileges DB2 GDSNCL Grouping class for collection privileges DB2 GDSNDB Grouping class for database privileges DB2 GDSNPK Grouping class for package privileges DB2 GDSNPN Grouping class for plan privileges DB2 GDSNSG [...]
-
Página 34
Figure 4 (Page 2 of 3). Changes to RACF Commands Command Description Support ALTUSER This command supports the removal of all of the user's CLAUTH authorities by using NOCLAUTH(*). For more information on the ALTUSER NOCLAUTH keywords, see OS/390 Security Server (RACF) Command Language Reference . TME 10 PERMIT The PERMIT command allows the ke[...]
-
Página 35
Figure 4 (Page 3 of 3). Changes to RACF Commands Command Description Support TARGET The new keyword WDSQUAL is added to the RACF TARGET command to indicate that the variable that follows will be used by RRSF as the middle qualifier for the work space data set names of the INMSG and OUTMSG queues for the local RRSF node defined by the TARGET command[...]
-
Página 36
Figure 5. Changes to PSPI Data Areas Data Area Description Support AFC This data area maps the contents for the Open Edition MVS security audit function codes. An audit function code has been added to audit when ck_priv is called from OpenEdition_spawn (BPX1SPN). Auditability of super user requests. COMP This data area maps the common SAF/RACF para[...]
-
Página 37
RFXALET and RFXLOGS correspond to new fields in the RACROUTE REQUEST=FASTAUTH parameter list. These fields only exist in parameter lists created with RELEASE=2.4 or higher. Therefore, these fields must only be accessed when the RFXPVERS indicates Release 2.4 or higher. Macros Figure 6 lists changes to executable macros for OS/390 Release 4. These a[...]
-
Página 38
RALTER Command Messages: ICH11304I SETROPTS Command Messages: ICH14042I RACF Manager Error Messages: ICH51011I RACF Processing Messages: IRR410I RACF Utility Messages: IRR67032I, IRR67034I, IRR67124I, IRR67153I, IRR67183I RRSF Enveloping Messages: IRRV002I, IRRV005I, IRRV013I, IRRV014I RACF Operational Modes and Coupling Facility Messages: IRRX013A[...]
-
Página 39
Figure 7. New Panels for RACF Panel Description Support ICHP241n This panel enables you to add an entry for the conditional access list and to identify the access authority for it. Program control by system ID ICHP242n This panel enables you to remove an entry from the conditional access list and to identify the access list from which conditions ar[...]
-
Página 40
Publications Library Figure 10 lists changes to the OS/390 Security Server (RACF) publications library. Note: You are able to print the softcopy documentation, either in its entirety or simply portions of it. Figure 10. Changes to the RACF Publications Library Publication Change OS/390 Security Server (RACF) Callable Services This publication is av[...]
-
Página 41
Chapter 4. Planning Considerations This chapter describes the following high-level planning considerations for customers upgrading to OS/390 Release 4 Security Server (RACF) from OS/390 Release 3 Security Server (RACF): Migration strategy Migration paths Hardware requirements Compatibility Migration Strategy The recommended steps fo[...]
-
Página 42
– OS/390 Security Server (RACF) Planning: Installation and Migration for OS/390 Release 1.(GC28-1920-00) If you have RACF 1.9.2 installed, in addition to this book, you should read: – OS/390 Security Server (RACF) Planning: Installation and Migration for OS/390 Release 2, (GC28-1920-01) and Release 3 (GC28-1920-02) – OS/390 Security Server (R[...]
-
Página 43
Compatibility This section describes considerations for compatibility between OS/390 Release 4 Security Server (RACF) and OS/390 Release 3 Security Server (RACF). OpenEdition MVS If you are an OpenEdition MVS user, be sure to review carefully the following information on possible changes. For Auditability of Superusers If you are not already auditi[...]
-
Página 44
24 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 45
Chapter 5. Installation Considerations This chapter describes the following changes of interest to the system programmer installing OS/390 Release 4 Security Server (RACF): Virtual storage considerations Templates RACF Storage Considerations This section discusses storage considerations for RACF. Using the RACF DB2 external security module [...]
-
Página 46
Figure 11 (Page 2 of 3). RACF Estimated Storage Usage Storage Subpool Usage How to Estimate Size ESQA RACF data sharing control area 300 (when enabled for sysplex communication) Class descriptor table (CNSX) (number_of_IBM-defined_classes × 28) + (number_of_IBM-defined_entries_in_router_table × 30) + (number_of_customer_defined_classes × 58) + 2[...]
-
Página 47
Figure 11 (Page 3 of 3). RACF Estimated Storage Usage Storage Subpool Usage How to Estimate Size ECSA RACF data set descriptor table and extension 168 + (896 × number_of_RACF_primary_data_sets) RACF ICB (non-shared DB) 4096 per RACF database if the database is not shared and is not on a device marked as shared, 0 otherwise | RACF program control t[...]
-
Página 48
28 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 49
Chapter 6. Customization Considerations This chapter identifies customization considerations for OS/390 Release 4 Security Server (RACF). For additional information, see OS/390 Security Server (RACF) System Programmer's Guide . Customer Additions to the Router Table and the CDT Installations must verify that classes they have added to the rout[...]
-
Página 50
Set the options in the RACF/DB2 external security module. To do this, see OS/390 Security Server (RACF) System Programmer's Guide . Decide which DB2 objects are to be protected using RACF. Define the appropriate profiles. To do this, see OS/390 Security Server (RACF) Security Administrator's Guide . Activate the RACF/DB2 exter[...]
-
Página 51
Chapter 7. Administration Considerations This chapter summarizes the changes to administration procedures that the security administrator should be aware of. For more information, see OS/390 Security Server (RACF) Security Administrator's Guide . The TMEADMIN Class The new TMEADMIN class is used to associate a TME administrator with a RACF MVS[...]
-
Página 52
Enhancements of Global Access Checking When you use RACROUTE REQUEST=AUTH processing (which utilizes global access checking) for general resource classes, these classes can be processed whether or not the class is RACLISTed using SETROPTS RACLIST or RACROUTE REQUEST=LIST. 32 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 53
Chapter 8. Auditing Considerations This section summarizes the changes to auditing procedures for SMF records. SMF Records Figure 12 summarizes changes to SMF records created by RACF for OS/390 Release 4. These changes are general-use programming interfaces (GUPI). For more information on SMF records, see OS/390 Security Server (RACF) Macros and In[...]
-
Página 54
34 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 55
Chapter 9. Application Development Considerations Application development is the process of planning, designing, and coding application programs that invoke RACF functions. This section highlights new support that might affect application development procedures: Programming interfaces RELEASE=2.4 keyword on macros Changes to RACROUTE RE[...]
-
Página 56
36 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 57
Chapter 10. General User Considerations RACF general users use RACF to: Log on to the system Access resources on the system Protect their own resources and any group resources to which they have administrative authority For more information on the output general users might receive, see OS/390 Security Server (RACF) General User's [...]
-
Página 58
38 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 59
Glossary A access . The ability to obtain the use of a protected resource. access authority . An authority related to a request for a type of access to protected resources. In RACF, the access authorities are NONE, EXECUTE, READ, UPDATE, CONTROL, and ALTER. accessor environment element (ACEE) . A description of the current user, including user ID, [...]
-
Página 60
DATASET classes. The table is generated by executing the ICHERCDE macro once for each class. The class descriptor table contains both the IBM provided classes and also the installation defined classes. CLAUTH . See class authority . command direction . A RRSF function that allows a user to issue a command from one user ID and direct that command to[...]
-
Página 61
E entity . A user, group, or resource (for example, a DASD data set) that is defined to RACF. EXTRACT request . The issuing of the RACROUTE macro with REQUEST=EXTRACT specified. An EXTRACT request retrieves or replaces certain specified fields from a RACF profile or encodes certain clear-text (readable) data. The EXTRACT request replaces the RACXTR[...]
-
Página 62
L LIST request . The issuing of the RACROUTE macro with REQUEST=LIST specified. A LIST request builds in-storage profiles for RACF-defined resources. The LIST request replaces the RACLIST function. local logical unit (LU) . Local LUs are LUs defined to the MVS system; partner LUs are defined to remote systems. It is a matter of point of view. From [...]
-
Página 63
posit . A number specified for each class in the class descriptor table that identifies a set of flags that control RACF processing options. See the keyword description for posit in OS/390 Security Server (RACF) Macros and Interfaces . process . (1) A function being performed or waiting to be performed. (2) An executing function, or one waiting to [...]
-
Página 64
set that is RACF-protected by a discrete profile must also be RACF-indicated. RACROUTE macro . An assembler macro that provides a means of calling RACF to provide security functions. See also AUDIT request, AUTH request, DEFINE request, DIRAUTH request, EXTRACT request, FASTAUTH request, LIST request, SIGNON request, STAT request, TOKENBLD request,[...]
-
Página 65
supervisor . The part of a control program that coordinates the use of resources and maintains the flow of processing unit operations. Synonym for supervisory routine . supervisory routine . A routine, usually part of an operating system, that controls the execution of other routines and regulates the flow of work in a data processing system. Synon[...]
-
Página 66
security program for the system. The batch job owner is specified on the USER parameter on the JOB statement or inherited from the submitter of the job. This user ID identifies a RACF user profile. OMVS user ID: A numeric value between 0 and 2147483647, called a UID (or sometimes a user number), that identifies a user to OpenEdition services. T[...]
-
Página 67
How to Get Your RACF CD Let's face it, you have to search through a ton of hardcopy manuals to locate all of the information you need to secure your entire system. There are manuals for OS/390, VM, CICS, TSO/E; technical bulletins from the International Technical Support Organization (“red books”), Washington Systems Center (“orange book[...]
-
Página 68
48 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration[...]
-
Página 69
Index A access list entry conditional 23 standard 23 ACEEALET keyword 16 ADDUSER command 15 administration classroom courses xiii administration considerations migration 2 ALTUSER command 7, 13, 14, 15 application development considerations migration 3 auditing 23 auditing considerations changed SMF records 33 migration 3 superuser status 6 C calla[...]
-
Página 70
getGMAP callable service 6, 12 getUMAP callable service 6, 12 global access checking 10 H hardware requirements planning considerations 22 HRF2240 9 I ICHEACTN macro, changes to 17 ICHEINTY macro, changes to 17 ICHETEST macro, changes to 17 initUSP callable service 6, 12 installation considerations 25 templates 27 installation exits 1 See also exit[...]
-
Página 71
R R_Admin callable service 8, 11 RACF classroom courses xiii publications on CD-ROM xii softcopy xii RACF 1.9 migration path from 22 RACF 1.9.2 migration path from 22 RACF 2.1 migration path from 22 RACF 2.2 migration path from 21 RACF administration classroom courses xiii RACF panels changed 19 RACF releases prior to 1.9 migration path from 22 RAC[...]
-
Página 72
[...]
-
Página 73
Readers' Comments — We'd Like to Hear from You OS/390 Security Server (RACF) Planning: Installation and Migration Publication No. GC28-1920-03 Overall, how satisfied are you with the information in this book? How satisfied are you that the information in this book is: Please tell us how we can improve this book: Thank you for your respo[...]
-
Página 74
Cut or Fold Along Line Cut or Fold Along Line Readers' Comments — We'd Like to Hear from You GC28-1920-03 IBM Fold and Tape Please do not staple Fold and Tape NO POSTAGE NECESSARY IF MAILED IN THE UNITED STATES BUSINESS REPLY MAIL FIRST-CLASS MAIL PERMIT NO. 40 ARMONK, NEW YORK POSTAGE WILL BE PAID BY ADDRESSEE IBM Corporation Depar[...]
-
Página 75
[...]
-
Página 76
IBM Program Number: 5647-A01 Printed in the United States of America on recycled paper containing 10% recovered post-consumer fiber. GC28-192ð-ð3[...]