We are getting into 3270 bridge transactions and I have a question regarding installation of doctemplates. We would like our programmers to be able to do an install of doctemplates to incorporate changes in our running test system. How can we allow installation of only doctemplates? We use Top Secret as our security manager and are running CICS/TS 1.3.
I don't really understand the question, but it comes down to the protection of the CSD or an SPI command.
A DOCTEMPLATE is RDO defined (in the CSD) and installed - just like a program. If the programmers have access to the CSD, then you do not have a problem as the programmers can configure their own regions. You cannot protect some resources from update/amendment in the CSD and allow accesses to others.
You could try using the LOCK/UNLOCK functions at a Group level, but I don't really think that's going to help.
The alternative to putting resources into the CSD is to use the equivalent SPI commands, which you can protect at an user level.
However, you may find that Top Secret looks at activities involving the CSD and has functions therein to do what you want, but I don't think that CICS has those facilities.
Dig Deeper on IBM system z and mainframe systems
Related Q&A from Robert Crawford
For better mainframe capacity planning, how do I convert CPU hours to MIPS? And is there a way to calculate the relationship between MIPS and MSUs? Continue Reading
I have two years of experience in mainframe technology, currently working as a mainframe developer. I want to change to Java technology. Continue Reading
I want to replicate DB2 from the mainframe to an AIX box since it's cheaper and the copy can be used for testing. Is this possible? Continue Reading