Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Setting up the PKI Services daemon user ID z/OS Cryptographic Services PKI Services Guide and Reference SA23-2286-00 |
|
Create the daemon user ID (by default, PKISRVD) using the RACF® ADDUSER TSO command. Give it an OMVS segment because it needs access to z/OS UNIX. If you implement the object store and issued certificate list (ICL) using VSAM data sets, this user ID also needs update access to the VSAM data sets identified in the ObjectStore section of the pkiserv.conf file. If necessary, use the RACF ADDSD and PERMIT TSO commands to give this user ID UPDATE access to the VSAM data sets. If you implement the object store and ICL using DB2® tables, this user ID also needs access to the Resource Recovery Services Access Facility (RRSAF). If necessary, use the RACF RDEFINE and PERMIT commands to define the profile for RRSAF in the DSNR class and give this user ID READ access. Guideline: Define the daemon user ID with the NOPASSWORD attribute. To associate this user ID to the PKI Services started
procedure, use the following RACF TSO
commands:
|
Copyright IBM Corporation 1990, 2014
|