Contents

This interface provides two functions:

  • The first interface function enables a CA VM:Batch worker machine to use the CP Surrogate Facility to assume the rule privileges of the submitting user ID.
  • The second function enables you to create user rules for the worker machines that allow the worker machines to be autologged by CA VM:Batch without a password.

Restrictions and Requirements

You must have the CA VM:Secure Rules Facility installed. For installation instructions, see the CA VM:Secure Rules Facility Guide.

Implementation

To implement both interface functions:

  1. Log on to VMANAGER.
  2. Enter the CA VM:Secure CONFIG PRODUCT command.
  3. Make sure that there is a PRODUCT VMBATCH VMBATCH record in the CA VM:Secure PRODUCT CONFIG file. This configuration file record provides CA VM:Secure with the CA VM:Batch service virtual machine user ID. This record activates the interface.

To implement the second interface function, follow these steps:

  1. For each CA VM:Batch worker machine:
    1. Enter the CA VM:Secure RULES USER VMBATnnnn command.
    2. Make sure that there is an ACCEPT vmbatch AUTOLOG (NOPASS rule in the CA VM:Secure user rules file.
    These rules allow each CA VM:Batch worker machine specified to be autologged without passwords.
  2. Log on to VMANAGER.
  3. Enter the CA VM:Batch CONFIGUR command.
  4. Remove the password parameter from the WORKER records in the VMBATCH CONFIG file, if present.
  5. Make sure that there is a PRODUCT VMSECURE VMSECURE record in the VMBATCH CONFIG file. This configuration file record provides CA VM:Batch with the CA VM:Secure service virtual machine user ID.
  6. Enter the FILE command to save the changes.
  7. Enter the CA VM:Secure EDIT VMBATCH command.
  8. Make sure that there is an IUCV DUALPASS statement in the VMBATCH directory entry.