As a sidebar comment we recently completed a large TSS to RACF conversion, during which time various lpars withing out sysplex operated under one of the 2 products while we phased in the conversion. While we did not hear of any negative recommendations to this effect (IBM helped with the conversion) we did notice some, ahem, "oddities" during the project. Generally these situations were minor and all were related to lpar to lpar communications, NJE, submittal via our scheduling product across lpars, etc. We did experience the OP's problem, among others, and simply shrugged it off due to our hybrid environment. It's worth noting that access rights within an LPAR functioned correctly, i.e. the new system matched the old system.
I can't visualize a recommendation, pro or con, regarding the behavior of all or all zOS functions in a hybrid scenario. I can state that our experience was substantially uneventful, with the disclaimer that "you ought to know what you're doing." There was one massive benefit during the conversion of having 2 different security managers in place. We could easily test any perceived access issue simply by trying a test from a different lpar. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Mike Feeley Sent: Thursday, October 23, 2008 12:35 PM To: IBM-MAIN@BAMA.UA.EDU Subject: Re: ICH409I 283-054 ABEND DURING FRACINIT PROCESSING Yes, but this only points out the issue. I would like to see a document that says mixed security environments in a sysplex is not recommended or supported. OK, here is a recap. Commands routed to all LPARS will work if they are issued from the RACF LPAR. The command will fail (only on the RACF LPAR) if issued from a Top Secret LPAR. This all boils down to the ENVRIN data. Top Secret has a way to deal with it and RACF does not. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
