I am new to the mainframe and CICS. Right now, we are trying to turn on the security of CICS Transaction Server....
When we enter CICS, even without sign-on, we can do everything we want. But if we type 'CESN', the System gives a message like 'DFHCE3547 Security is not active. Sign-on cannot be performed.'
Do you know why that happened? Where can I find the information I need to turn on the security?
Welcome to CICS Land.....
In order to get CICS security active, you need to code SEC=YES in the SIT (or supply this via SYSIN). The actual enablement/disablement of the various bits of CICS security is controlled by the X SIT parms.
Transaction security works by XTRAN. By default, XTRAN=YES so this enables security on transaction initiation. Don't forget that this will cover background (non-terminal attached) transactions as well as those started at a real terminal.
You will have to have a good read of the CICS RACF book to get at all the info on CICS security -- most of the description is based on RACF as the external security manager, but it also contains info relasting to non-IBM security managers.
I'd recommend not altering the names CICS uses within RACF for its definitions until you are a lot further along than now, and recommend against keying definitions to the USERID used for the CICS region (that on its job card).
Related Q&A from Robert Crawford
With 3270 bridge, you can't stack input messages into one structure. The bridge can't process them all at once. It takes a little more work.continue reading
CICS expert Robert Crawford offers advice on determining the connection between CICS transactions and MQ Queue name.continue reading
CICS expert Robert Crawford discusses if a program can use IXLLIST macros in CICS when IXLLIST are APF.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.