Example of CICS Surrogate UserID Creation and CONNX Login

  1. Using standard RACF commands, create a new CICS user ID = CNXDEV01.

  2. Define two profiles to RACF:

    rdefine surrogat cnxdev01.dfhinstl uacc(none)
    rdefine surrogat cnxdev01.dfhstart uacc(none)
     

  3. Activate the SURROGAT class:

    setropts classact(surrogat) raclist(surrogat)
     

  4. Execute RACF permit commands to authorize the default CICS USER ID = CICSUSER to the surrogate user profiles:

    permit cnxdev01.dfhinstl class(surrogat) id(cicsuser)
    permit cnxdev01.dfhstart class(surrogat) id(cicsuser)
     

  5. Refresh the SURROGAT class:

    setropts raclist(surrogat) refresh
     

  6. Open the CONNX Data Dictionary Manager window. Select the Import button. Type the user ID CNXDEV01 and a valid password, IP address and port.

  7. Note that CONNX Listener Transaction NX00 was previously started by USERID = CICSUSER; Transaction NXS0 is started by transaction NX00 with USERID=CNXDEV01.

    image\sec06.jpg

Note: Refer to the following links for more information on CICS and RACF security:

 

http://publibz.boulder.ibm.com/cgi-bin/bookmgr/BOOKS/DFHJAT53/2.5

 

http://publibz.boulder.ibm.com/cgi-bin/bookmgr/BOOKS/DFHJAT53/2.5.2