Contents
This interface provides two functions:
- The first interface function enables a CA VM:Batch worker machine to use the CP Surrogate Facility to assume the rule privileges of the submitting user ID.
- The second function enables you to create user rules for the worker machines that allow the worker machines to be autologged by CA VM:Batch without a password.
Restrictions and Requirements
You must have the CA VM:Secure Rules Facility installed. For installation instructions, see the CA VM:Secure Rules Facility Guide.
Implementation
To implement both interface functions:
- Log on to VMANAGER.
- Enter the CA VM:Secure CONFIG PRODUCT command.
- Make sure that there is a PRODUCT VMBATCH VMBATCH record in the CA VM:Secure PRODUCT CONFIG file. This configuration file record provides CA VM:Secure with the CA VM:Batch service virtual machine user ID. This record activates the interface.
To implement the second interface function, follow these steps:
- For each CA VM:Batch worker machine:
- Enter the CA VM:Secure RULES USER VMBATnnnn command.
- Make sure that there is an ACCEPT vmbatch AUTOLOG (NOPASS rule in the CA VM:Secure user rules file.
- Log on to VMANAGER.
- Enter the CA VM:Batch CONFIGUR command.
- Remove the password parameter from the WORKER records in the VMBATCH CONFIG file, if present.
- Make sure that there is a PRODUCT VMSECURE VMSECURE record in the VMBATCH CONFIG file. This configuration file record provides CA VM:Batch with the CA VM:Secure service virtual machine user ID.
- Enter the FILE command to save the changes.
- Enter the CA VM:Secure EDIT VMBATCH command.
- Make sure that there is an IUCV DUALPASS statement in the VMBATCH directory entry.