z/OS Common Information Model User's Guide
Previous topic | Next topic | Contents | Index | Contact z/OS | Library | PDF


Switching identity (surrogate)

z/OS Common Information Model User's Guide
SC34-2671-00

Switching identity (surrogate)

The CIM server uses services which can be run in client or server security context. For this, the CIM server must be able to switch its user ID to the client user ID. To allow the CIM server for this, define BPX.SRV profiles for the SURROGAT class within your System Authorization Facility (SAF).

The recommended way to do this is:

  • _ Specify a general profile to allow the CIM server user ID to switch to any other z/OS user ID with a UNIX System Services segment defined.

    The following sample shows the required RACF® commands to create the generic profile, where the CIM server user ID is CFZSRV:

    Example: 
    SETROPTS CLASSACT(SURROGAT) RACLIST(SURROGAT) GENERIC(SURROGAT)
RDEFINE SURROGAT BPX.SRV.** UACC(NONE)
PERMIT BPX.SRV.** CLASS(SURROGAT) ACCESS(READ) ID(CFZSRV)
SETROPTS GENERIC(SURROGAT) RACLIST(SURROGAT) REFRESH

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014