Givens, Dennis W. wrote: >I have been asked if both RACF and Top Secret can run on different LPARs in >the same parallel sysplex. I recall that NO that is not permitted but am >having trouble finding where it is written.
It could be possible as long each database of each security system is *NOT* shared by more than one LPAR. You can only share ONE RACF DB in a Sysplex. Other LPARs can also share the same database or use their own *NON-SHARED* RACF database. What I wrote in previous sentence is *only* about RACF. I'm not sure how you could use different security products in one Sysplex, I also lost my sources [1] about this, but I believe you should setup standards for each LPAR and ensure nothing is shared at all - GRS, catalogs, security DBs, volsers, etc. You may have trouble managing your JES2/3 + HSM + SMS + Tape management resources across those LPARs using different security systems and standards as enforced by them. I may be wrong, but I have been in a Sysplex where each LPAR is having own RACF DB (only RACF in all LPARs) and that is already a dangerous, but manage-able minefield. [2] In fact - Sysplex is just this - sharing resources across LPARs - RACF or TopSecret, JES2/3, HSM, SMS, GRS/MIMS, Catalogs, volsers, etc. You could post your questions on RACF-L, I certainly know that there are good gurus who successfully converted from one security system to RACF. They would have a lot to tell you what to do... Good luck. Groete / Greetings Elardus Engelbrecht [1] - Google does not help me here - too much false search results... [2] - I eventually got standards the same across all those LPARs and then have one after the other LPARs move over to one *shared* RACF database in the Sysplex. Eventually all unshared databases were deleted. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN