Re: Omegamon - How to
-Original Message- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Bruce Hewson Sent: Tuesday, February 06, 2007 11:52 PM To: IBM-MAIN@BAMA.UA.EDU Subject: Re: Omegamon - How to Hello Steve, We protect the OMEGAMON commands via the security exit in the Omegamon Classic products...we use the same exit code for MVS, CICS and DB2. We call the module KOMRACFX We heavily modified the sample so that is uses General Resource profiles in the existing FACILITY classdue to history the resource name begins with CANDLE. resource name model: CANDLE.mmm.pp.resource mmm = B#OMMODE MMODE is the mode that the product is running in: VTM - Vtam mode DED - Dedicated mode SPF - ISPF mode TSO - TSO mode pp = B#DDPRFX DDPRFX is set based on the product that is running: OM - Omegamon/MVS OC - Omegamon/CICS O2 - Omegamon/DB2 OI - Omegamon/IMS For CICS and DB2 an extra qualifier identifies the target system. some example entries.. CANDLE.*.*.$PWD [EMAIL PROTECTED] CANDLE.*.*.CONS.** CANDLE.*.*.CONU.** CANDLE.*.*.INITIAL0.** CANDLE.*.*.INITIAL1.** CANDLE.*.*.INITIAL2.** CANDLE.*.*.INITIAL3.** CANDLE.*.*.MLST.** CANDLE.*.*.MSCN.** CANDLE.*.*.MZAP.** CANDLE.*.OC.COLL.* CANDLE.*.OC.CORE.* CANDLE.*.OC.CRSP.* CANDLE.*.OM.ALIB CANDLE.*.OM.APFU CANDLE.*.OM.CHAP CANDLE.*.OM.CSAF CANDLE.*.O2.DCMD.* CANDLE.*.O2.DCNS.* CANDLE.*.O2.MCHN.* CANDLE.*.O2.OJIN.* CANDLE.*.O2.OJTM.* Hope this gives you some hints.. Thanx. Just getting the right manual helped a lot (which another poster gave the link for) for the person that was actually fixing RACF and the exit. By COB yesterday, our one test LPAR had the code in place being tested. But this is good stuff to keep in the archives for the future. Regards, Steve Thompson -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Omegamon - How to
Hello Steve, We protect the OMEGAMON commands via the security exit in the Omegamon Classic products...we use the same exit code for MVS, CICS and DB2. We call the module KOMRACFX We heavily modified the sample so that is uses General Resource profiles in the existing FACILITY classdue to history the resource name begins with CANDLE. resource name model: CANDLE.mmm.pp.resource mmm = B#OMMODE MMODE is the mode that the product is running in: VTM - Vtam mode DED - Dedicated mode SPF - ISPF mode TSO - TSO mode pp = B#DDPRFX DDPRFX is set based on the product that is running: OM - Omegamon/MVS OC - Omegamon/CICS O2 - Omegamon/DB2 OI - Omegamon/IMS For CICS and DB2 an extra qualifier identifies the target system. some example entries.. CANDLE.*.*.$PWD [EMAIL PROTECTED] CANDLE.*.*.CONS.** CANDLE.*.*.CONU.** CANDLE.*.*.INITIAL0.** CANDLE.*.*.INITIAL1.** CANDLE.*.*.INITIAL2.** CANDLE.*.*.INITIAL3.** CANDLE.*.*.MLST.** CANDLE.*.*.MSCN.** CANDLE.*.*.MZAP.** CANDLE.*.OC.COLL.* CANDLE.*.OC.CORE.* CANDLE.*.OC.CRSP.* CANDLE.*.OM.ALIB CANDLE.*.OM.APFU CANDLE.*.OM.CHAP CANDLE.*.OM.CSAF CANDLE.*.O2.DCMD.* CANDLE.*.O2.DCNS.* CANDLE.*.O2.MCHN.* CANDLE.*.O2.OJIN.* CANDLE.*.O2.OJTM.* Hope this gives you some hints.. Regards Bruce Hewson -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Omegamon - How to
-Original Message- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Susan Rice Sent: Tuesday, February 06, 2007 11:09 AM To: IBM-MAIN@BAMA.UA.EDU Subject: Re: Omegamon - How to Steve, You can set up profiles in RACF. Look in the manual for Initial 1 intial 2 intitial 3. There are many ways to set up security but that is the basics. The one step that is sometimes forgotten is that when you get to the security module in ICAT you need to specify external=yes.The other thing is if OMEGAMON was never RACF protected before you might have to add a resource class to be able to define the profiles. http://publib.boulder.ibm.com/infocenter/tivihelp/v15r1/index.jsp?topic= /com.ibm.omegamon_xezos.doc/welcome.htm This will get you to the Omegamon Documents online and you will want to go to the Omegamon II for MVS configuration guide. There is a chapter on implementing your security configuration. Chapter 4. This gives the permit commands and the information necessary. Hope this helps Thank you very much. I'd tried to find that, I had an idea that it was there and just couldn't find it. But, hey, I should have thought that this would become Iceburg Omegamon for USS. I mean, the name change should have just been so incredibly obvious to me (I still think the marketeers at IBM should be locked in a room where we, the users of their nominclatures, should get to come up with esoteric names for everything -- Entry-Exit Control devices with or without optional special security features, Model 3 writing device w/ optional coloration and color output, etc. -- and then make them write out exactly how to get out of the room, but just not tell them the names of what they need or where to find the correct names and then see how bent they get). Regards, Steve Thompson -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Omegamon - How to
Steve, You can set up profiles in RACF. Look in the manual for Initial 1 intial 2 intitial 3. There are many ways to set up security but that is the basics. The one step that is sometimes forgotten is that when you get to the security module in ICAT you need to specify external=yes.The other thing is if OMEGAMON was never RACF protected before you might have to add a resource class to be able to define the profiles. http://publib.boulder.ibm.com/infocenter/tivihelp/v15r1/index.jsp?topic=/com.ibm.omegamon_xezos.doc/welcome.htm This will get you to the Omegamon Documents online and you will want to go to the Omegamon II for MVS configuration guide. There is a chapter on implementing your security configuration. Chapter 4. This gives the permit commands and the information necessary. Hope this helps Susan On 2/6/07, Thompson, Steve (SCI TW) <[EMAIL PROTECTED]> wrote: Is there a way to define in RACF and have Omegamon recognize, that a user is authorized for the special features? The idea is to avoid having each authorized user from having to enter the special password. And we'd like to do it w/o having to put an exit in Omegamon. And I've looked at the mighty fine manuals, and it just isn't jumping out of the index, TOC, or PDF search for me. So, has anyone tackled this? How did you do it (assuming you got it to work)? Regards, Steve Thompson -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Omegamon - How to
Is there a way to define in RACF and have Omegamon recognize, that a user is authorized for the special features? The idea is to avoid having each authorized user from having to enter the special password. And we'd like to do it w/o having to put an exit in Omegamon. And I've looked at the mighty fine manuals, and it just isn't jumping out of the index, TOC, or PDF search for me. So, has anyone tackled this? How did you do it (assuming you got it to work)? Regards, Steve Thompson -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
