This topic describes the steps of authorizing
applications to use the real-time NMI.
Procedure
Perform the following steps to authorize applications
to use the real-time NMI:
- Define the security product resource profiles.
An optional resource name is supported for each real-time interface
to restrict access to the interfaces. The resource name has the format
EZB.NETMGMT.
sysname.
tcpprocname.
interface, where:
- sysname is the MVS™ system name where the interface is enabled.
- tcpprocname is the job name that is
associated with the TCP/IP stack where the interface is enabled.
- interface is the real-time interface
name. It can be SYSTCPDA, SYSTCPCN, SYSTCPOT, or SYSTCPSM.
For examples of the RACF® commands that are used to define the real-time interface security
product resource names, see sample EZARACF in data set SEZAINST.
- Permit the user IDs of the applications to access the real-time
NMI resources.
After the resource profiles are defined,
the user ID that is associated with the network management application
must be permitted for READ access to the resources.
Guideline: The user ID that is referenced
for access to the resources is the user ID that is associated with
the MVS address space from which
the connect() function call or the TMI copy buffer interface invocation
was issued. If you are developing a feature for a product to be used
by other parties, you should include in your documentation instructions
indicating that administrators should define the real-time interface
resource profiles for the real-time interfaces and permit the user
ID of the application for READ access to the profile.
- Review the authorization verification performed by the
real-time NMI.
The authorization verification for the
application is different when an application connects to the real-time
interface and when it invokes the TMI copy buffer interface. You should
review the verification to ensure that your application will be authorized.
See Verifying authorization for applications that connect to the real-time interface and Verifying authorization for applications that invoke the TMI copy buffer interface for more information.