I am new to the mainframe and CICS. Right now, we are trying to turn on the security of CICS Transaction Server. When we enter CICS, even without sign-on, we can do everything we want. But if we type 'CESN', the System gives a message like 'DFHCE3547 Security is not active. Sign-on cannot be performed.'
Do you know why that happened? Where can I find the information I need to turn on the security?
Welcome to CICS Land.....
In order to get CICS security active, you need to code SEC=YES in the SIT (or supply this via SYSIN). The actual enablement/disablement of the various bits of CICS security is controlled by the X SIT parms.
Transaction security works by XTRAN. By default, XTRAN=YES so this enables security on transaction initiation. Don't forget that this will cover background (non-terminal attached) transactions as well as those started at a real terminal.
You will have to have a good read of the CICS RACF book to get at all the info on CICS security -- most of the description is based on RACF as the external security manager, but it also contains info relasting to non-IBM security managers.
I'd recommend not altering the names CICS uses within RACF for its definitions until you are a lot further along than now, and recommend against keying definitions to the USERID used for the CICS region (that on its job card).
Dig Deeper on IBM system z and mainframe systems
Related Q&A from Robert Crawford
For better mainframe capacity planning, how do I convert CPU hours to MIPS? And is there a way to calculate the relationship between MIPS and MSUs? Continue Reading
I have two years of experience in mainframe technology, currently working as a mainframe developer. I want to change to Java technology. Continue Reading
I want to replicate DB2 from the mainframe to an AIX box since it's cheaper and the copy can be used for testing. Is this possible? Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.