I am new to the mainframe and CICS. Right now, we are trying to turn on the security of CICS Transaction Server....
When we enter CICS, even without sign-on, we can do everything we want. But if we type 'CESN', the System gives a message like 'DFHCE3547 Security is not active. Sign-on cannot be performed.'
Do you know why that happened? Where can I find the information I need to turn on the security?
Welcome to CICS Land.....
In order to get CICS security active, you need to code SEC=YES in the SIT (or supply this via SYSIN). The actual enablement/disablement of the various bits of CICS security is controlled by the X SIT parms.
Transaction security works by XTRAN. By default, XTRAN=YES so this enables security on transaction initiation. Don't forget that this will cover background (non-terminal attached) transactions as well as those started at a real terminal.
You will have to have a good read of the CICS RACF book to get at all the info on CICS security -- most of the description is based on RACF as the external security manager, but it also contains info relasting to non-IBM security managers.
I'd recommend not altering the names CICS uses within RACF for its definitions until you are a lot further along than now, and recommend against keying definitions to the USERID used for the CICS region (that on its job card).
Related Q&A from Robert Crawford
I want to replicate DB2 from the mainframe to an AIX box since it's cheaper and the copy can be used for testing. Is this possible?continue reading
What's the impact on I/O when you run in a CPU-constrained mainframe environment?continue reading
I need to transfer one PS file's data from a mainframe to a Linux server. Are there any JCL scripts that can do this for me?continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.