z/OS Common Information Model User's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Defining a CIM server user ID

z/OS Common Information Model User's Guide
SC34-2671-00

Defining a CIM server user ID

To define a CIM server user ID:

__   1.
Either select an existing user ID or create a new CIM server user ID. We recommend to create a CIM server user ID named CFZSRV with UID 9500 and a CIM server group ID named CFZSRVGP with GID 9501.

Depending on the security model under which the CIM server runs, the user ID may need to be privileged (UID=0).

For more information to decide on the privileges for the CIM server user ID, see Configuring the CIM server's resource authorization model.

__   2.
Allow the CIM server's user ID CONTROL access to profile CIMSERV in class WBEM.

The following example shows the required RACF® commands to achieve this, where the user ID CFZSRV was chosen for the CIM server:

Example: 

PERMIT CIMSERV CL(WBEM) ACCESS(CONTROL) ID(CFZSRV)
SETROPTS CLASSACT(WBEM) RACLIST(WBEM) REFRESH
__   3.
If you run the CIM server as started task, it is recommended to define the CIM server user ID as protected user ID. Protected user IDs are protected from being used to log on to the system, and from being revoked through incorrect password attempts.

You can define a protected user ID or change an existing user ID into a protected user ID by assigning the NOPASSWORD, NOPHRASE, and NOOIDCARD attributes through the ADDUSER or ALTUSER command.

Example: 

ALTUSER CFZSRV NOPASSWORD NOOIDCARD NOPHRASE

For more details about protected user IDs see z/OS Security Server RACF Security Administrator’s Guide.

For more information on how to associate the CIM server user ID with the started task, see Customizing the started task procedure CFZCIM.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014