racf under zVM



All about SAF, RACF, encryption, Firewall, Risk assessment and integrity concepts

racf under zVM

Postby v clemons » Sun Sep 23, 2012 7:19 pm

We are testing out RACF on Z/vm. And have installed RACF v6.1
and tried using the example in the IBM manual
"RACF Security Server Security Administrator’s Guide v6.1",
document # SC24-6218-00. This particular example is found
in chapter 3 starting at the sub-topic "Defining Administrator User IDs for Your Own Use"

The statements we entered while logged in under the user id "SYSADMIN"
were:

RACF
ADDUSER RACFADM PASSWORD(clemons) SPECIAL OPERATIONS AUDITOR
RDEFINE VMMDISK RACFVM.301
PERMIT RACFVM.301 CLASS(VMMDISK) ID(RACFADM) ACCESS(UPDATE)
END

Now at this point I logged off the SYSADMIN id.

Next I attempted to login as to the RACF created id "RACFVM" with password of "CLEMONS".
The response I got back from z/VM was:


LOGON RACFADM
HCPLGA053E RACFADM not in CP directory

Enter one of the following commands:

LOGON userid (Example: LOGON VMUSER1)
DIAL userid (Example: DIAL VMUSER2)
MSG userid message (Example: MSG VMUSER2 GOOD MORNING)
LOGOFF
UNDIAL



My question is do you need to also place an entry in the
CP directory (VM file "USER DIRECT") for every user id defined to RACF
or is there something we may not have installed or implemented correctly?
v clemons
 
Posts: 1
Joined: Sat Sep 22, 2012 9:22 pm
Has thanked: 0 time
Been thanked: 0 time

Re: racf under zVM

Postby BillyBoyo » Sun Sep 23, 2012 7:39 pm

This is a Beginner's and Students forum :-)

There's not a lot of current VM experience here.

You might be better off trying to find a list/group of some sort for RACF, or firing off a query to IBM.

You could, of course, just try it and see :-)
BillyBoyo
Global moderator
 
Posts: 3804
Joined: Tue Jan 25, 2011 12:02 am
Has thanked: 22 times
Been thanked: 265 times

Re: racf under zVM

Postby dick scherrer » Mon Sep 24, 2012 7:20 am

Hello and welcome to the forum,

Hopefully there is a comletely experimental place to expreiment (preferable so you can set up a VM host and multiple "guests" (if that terminology is still valid). Been more than 20 years since i worked on a system that was hosted on vm.

As mentioned, we only have a few people with current vm experience. Because you re just getting into this, hopefully, someone made contact with your IBM support that you were gong to try this for the first time. Between their manuals and redbooks as well as dirrect questions with vm/racf support is probably where your best info will be found.
Hope this helps,
d.sch.
User avatar
dick scherrer
Global moderator
 
Posts: 6268
Joined: Sat Jun 09, 2007 8:58 am
Has thanked: 3 times
Been thanked: 93 times


Return to Mainframe Security

 


  • Related topics
    Replies
    Views
    Last post