A collection of pages of the nerdy / geeky kind...
CICS related content
If any form of CICS journaling or logging is required and any form of CICS start other than INITIAL then the machine that CICS TS is running in MUST be in some form of SYSPLEX configuration if only a MONOPLEX. CICS now uses the zOS logger and has done away with its own journaling (DFHJCT tables and DFHRSD datasets etc) although it can be configured to use DASD-only logs rather than logging to a Coupling Facility.
CICS System Log (DFHLOG)
This is used for internal CICS logging and is the rough equivalent of the old DFHJ01 plus some more.
Used for recovery purposes (DTB, emergency restart).
CICS needs it to backout recoverable resources, COLD starts (recover a conversation state), WARM starts (pre-shutdown state), EMERGENCY start….
CICS connects to the system log automatically during initialisation.
Default names: region_userid.applid.DFHLOG and ….DFHSHUNT
Whenever a new set of System Logs are defined, or if they are to be cleared down CICS must be started with START=INITIAL.
Example to define the CICS System log streams….
//SYS013 EXEC PGM=IXCMIAPU
//SYSPRINT DD SYSOUT=*
//SYSIN DD *
DATA TYPE(LOGR) REPORT(YES)
DELETE LOGSTREAM NAME(CICS.DFHLOG.MODEL)
DEFINE LOGSTREAM NAME(CICS.DFHLOG.MODEL)
MODEL(YES)
DASDONLY(YES)
LOWOFFLOAD(40)
HIGHOFFLOAD(80)
STG_SIZE(9094)
MAXBUFSIZE(64000)
DELETE LOGSTREAM NAME(CICS.DFHSHUNT.MODEL)
DEFINE LOGSTREAM NAME(CICS.DFHSHUNT.MODEL)
MODEL(YES)
DASDONLY(YES)
MAXBUFSIZE(64000)
/*
DFHLGLOG is the CICS log of logs and is used for Forward Recovery products like CICSFR. We, and most other sites, have defined it as DUMMY.
Unless otherwise specified a HLQ of IXGLOGR is prefixed to the logstream name defined in CICS.
May need to define an alias for IXGLOGR and make definitions in TSS.
Check SMS definitions.
Some thought should be given to adequate sizing for a production workload.
CICS supplies a utility (DFHLSCU) to read old style production logs and to predict efficient parameters for your new logstreams.
Deleting and listing of logstreams should also be done using the IXCMIAPU utility.
User Journals and Forward Recovery logs
These are defined in a similar way. They can / should be defined to manage themselves (e.g. keep data for a specific time). Due to the nature of the processing at Dixons it is unlikely that any such logs will need to be defined.
Abstract Availability for CICS® Transaction Server for z/OS® V3.2 is planned for 29 June 2007. CICS TS V3.2 delivers significant innovation for application connectivity, application reuse, and service management. The major new functions in CICS TS V3.2 fall into three main areas: Application connectivity New Web services capabilities include support for recent standards, interoperability profiles, and the ability to send large amounts of binary data efficiently. The ability to interconnect CICS regions over TCP/IP for Distributed Program Link (DPL) allows exploitation of System z™ IP networking, and provides an alternative to Systems Network Architecture (SNA). All CICS TCP/IP workloads benefit from simple and robust systems and workload management facilities. Application reuse Enhancements to the efficiency of deploying Web services into CICS include handling a wider range of programming language and XML data types and attributes, and improvements to performance and diagnostics. Applications will now automatically utilize 64-bit storage for data held in containers, providing for improved scalability and performance. The CICS integrated translator is now supported by the z/OS XL C/C++ compiler, delivering more comprehensive development and debug capabilities. Service management Online management of program libraries makes it easier to maintain continuous system availability while bringing new or changed applications into production. Support for Enterprise Workload Manager (EWLM) makes possible end-to-end workload monitoring in heterogeneous environments. Potential for performance enhancements is offered by making threadsafe the core APIs for accessing local and RLS VSAM files, journals, WebSphere® MQ, and system autoinstalled Global User Exits. There is improved management of Java™ workloads. The CICSPlex® SM Web User Interface has new help and map capabilities and usability enhancements. Larger amounts of data can now be stored in shared data tables (>2 GB) and VSAM entry sequenced data set (ESDS) files (>4 GB). Improvements to monitoring and statistics facilities include more precise timing data and compression of monitoring records. The default internal trace table size has been increased for better problem diagnosis. T he limit on the number of CICS regions supported in a sysplex is increased by enabling a CICS region to join a named XCF group.
“not a lotta people know that…” CICS comes with a valuable little friend FOR FREE.
When you installed CICS you also installed (or had the opportunity to install) a VERY USEFUL tool which has a misleading name – CICSPlex System Manager (CPSM)
CPSM is often overlooked for two reasons…
1. CICSPlex is misleading; it relates to ANY collection of CICS regions not necessarily in a SYSPlex
2. Setting up and using CPSM is not well documented. If you are running just a few or many CICS regions and can afford to run 1 or 2 more then there may be a lot of benefits including possible software savings in setting up and using CPSM.
Benefits
From a single Web Browser or ISPF session you can
• Display or change the characteristics of any / all CICS region(s)
• Define and propagate CICS resources
• Define and perform Real Time Analysis (RTA)
• Define and perform monitoring (MON)
• Define Workload Management specifications (WLM) allowing the system to dynamically decide where a transaction will run.
• You may already be running ISV software to do some of these things that come at no extra cost to your Company. (It has to be said that there is no extra data collection involved so CPSM does NOT replace any reporting you might do from other CICS monitoring products. If you can live without historic reporting then direct replacement might be a possibility.)
Functions of CPSM
A single-system image (SSI)
CPSM can provide a real-time, single-system image (SSI) of all CICS regions and resources that make up a Company’s entire transaction processing environment. CPSM creates a topology of the CICS systems and resources mapping the relationships between them. A technician no longer needs to know the location of a resource before working with it. The SSI applies to all CPSM applications: operations, monitoring, real-time analysis (RTA), and workload management (WLM).
A single point of control.
A CPSM user can manage all participating CICS systems and their resources from a single session, a single point of control for the enterprise so the CPSM operator is able to manage large and complex configurations of CICS resources from a single session.
Management of your business applications
Your entire enterprise can be managed in terms of your business applications rather than your CICS systems. Using Business Application Services (BAS) you can manage your resources at the application level, by providing:
• A single point of definition for resources. All the resources for the CICS systems and the relationships between them are held on the CPSM data repository. CPSM produces local and remote instances of a resource from a single definition.
• Logical scoping, which enables you to link and manage your resources according to their business relationship, rather than by their physical location in a CICS system.
• Installation of resources, either automatically at CICS start up, or dynamically, as required, into the participating CICS regions. BAS provides an alternative to resource definition online (RDO). BAS frees resource definitions from associations with only one group. Resource definitions can be used and reused, and associated with more than one group as needed. You can, if you wish, manage individual resources, rather than a group.
Operations for the entire CICSplex
Due to SSI a user can (from any point of control) perform tasks either across the entire CICSplex, across a selected subset or for an individual CICS region.
Information can be displayed about the current status of one or more instances of a CICS resource in an enterprise.
The status of resources can also be changed with a single entry.
Action commands can be issued to affect the status of the displayed resources.
You use the Web User Interface or the ISPF EUI to issue the commands. The responses are displayed in panels known as operations views that can summarize related facts and provide access, using hyperlinks to other, related information.
Management of your workloads
CPSM's workload management (WLM) uses a supplied dynamic routing program (EYU9XLOP) to route eligible work requests from a requesting region to a suitable target region selected at the time the transaction is initiated.
EYU9XLOP can be customised and used in conjunction with the CICS-supplied user-replaceable programs DFHDYP and DFHDSRP to handle most dynamic routing requirements.
Automated exception reporting for CICS resources
CPSM's Real-Time Analysis (RTA) function provides automatic, external, notification of any nominated conditions. The notification can take the form of a console message, or of an alert to NetView, or both.
Real-time analysis can asked to notify about any aspect of a resource's status.
Real-time analysis also enables you to take actions without having to use an external automation product.
Monitoring functions for the collection of statistical data for CICS resources
The CPSM monitoring functions support the collection of performance-related data, at user-defined intervals, for named resource instances within a set of CICS systems.
An application programming interface (API) CPSM provides an application programming interface (API) that allows applications to:
• Access information about CICS and CPSM resources
• Invoke the services of CPSM. A command-level interface is available to programs that are written in Assembler, PL/I, COBOL or C. In addition, a REXX run-time interface is available under z/OS Batch, TSO, and NetView.
Management of the CPSM environment
You manage the CPSM environment using:
• CPSM objects To define the configuration of your CICS systems to CPSM (and to define your BAS, WLM, RTA, and monitoring requirements) you create CPSM objects, and associate them with each other. For each object, and for each association or link between them, a record is created in a CPSM data repository.
• Data repository The data repository contains the objects that define the CPSM components, resources, system management requirements, and the relationships between them. The definitions can be created using the Web User Interface or EUI views, the CPSM API, or the batched repository-update facility.
• The batched repository-update facility The batched repository-update facility allows you to create and update large numbers of CPSM and CICS resource definitions by submitting one command that is used as the template for other definitions. The batched repository-update facility is also used for migrating your definitions from one platform to another, and for backing up the data repository. More information is given in The batched repository-update facility.
Management of time-dependent activity
CPSM's facilities can be made time dependent. RTA and monitoring definitions can be activiated only during a specific time for instance. You are able to create time period-definitions that control:
• Exactly when any part of your enterprise is operational, regardless of the local time zone.
• The times you want certain system management functions to be operational. Integration with Tivoli(R) Business Systems Manager For users of Tivoli Business Systems Manager, the CPSM Instrumentation feature supplied with that product enables users to view status information for the CMAS and MAS environments of the CICSplex.
The WUI will run fine within an existing CICS region. It is "just an application".
Some things to consider (like with all monitors):
Suggest keeping the WUI separate since it is a systems management tool and is not managed like a "normal" application region.
This is similar to keeping TOR's "IBM code only" regions (OK, maybe your CICS monitor is in there too).
Bring up the WUI(s) at IPL time along with the other CPSM address spaces.
The WUI(s) should run at a higher service level.
Although CPSM and the WUI are not yet a replacement for a CICS monitor, the CPSM/WUI is a tremendous tool for spotting hung transactions, disabled/released resources, dump activity, etc from a single location.
It is also a tremendous tool for a single point of corrective action.
When customized with your own menus and views, you can create a tremendous cross-plex exception monitor that gives you immediate visibility to error conditions no matter where they come from.
The ability to issue cross plex commands and see the results frees you from the MVS ROUTE command, the potential WTO buffer shortage problems and the coordinated naming conventions required to exploit it.
CPSM and the WUI are not yet the "be all to end all", but it is a great start and IBM appears to be completely behind the product.
While the "starter set" is nice, the real power comes with an effective customization based on your monitoring requirements. It is easy to customize and well worth the minor investment in time to master the tailoring. The basic menu and view tailoring is easy.
It is also possible to create customized URL's that can be imbedded in other web pages and incorporated in online documentation. You could have a project to update Web based Operations procedures to include step by step procedures that actually link to the WUI (in a frame) for the operator action.
Check software and hardware requirements
Research and apply any required maintenance
Be aware of changes to CICS-supplied transactions
Review changes introduced with this release including the following…
Follow ServerPac dialogs
Integrating CICS and OS390
(Some of these tasks will already be in place for existing CICS also some tasks can wait.)
Review messages and automation
Defining the logger environment for CICS journaling
Applying service to CICS Transaction Server for OS/390
Perform IVPs
Convert a test region and check it out
Tasks required for converting a region include
DB2 related pages
Allocate TCPIP port numbers for the DRDA and RESYNC ports. Update the TCPIP profile with reservations for these numbers. This is not strictly necessary if the numbers are above 1024.
Note the TCPIP home address, from the profile.
Update the BSDS with the port numbers. (Usually done with DB2 down). PORT= for the DRDA port and RESPORT= for the RESYNC port.
Ensure that the user on the xxxxDIST job has a RACF definition for OMVS(UID(0)) and that the group has the definition OMVS(GID(n)). Note UID must be zero, whilst GID can be any number.
Add the TCPIP profile dataset to the xxxxDIST job. Also ensure the xxxxDIST job has the LE/370 runtime library in the STEPLIB.
Get the host name and address for any TCPIP hosts that will connect to this DB2. This includes other lpars and any PC’s that may be running DB2 Connect. Update the TCPIP HOSTS file with the host addresses, and run the MAKESITE utility.
Add the port numbers to the TCPIP ETC.SERVICES file, if IPNAMES (below) is to contain host names rather than host addresses.
Review the ZPARM parameters that relate to TCPIP. Initially use TCPALVER=YES to minimise problems with the first connections. It can be changed to NO later, if necessary.
Add entries to the DB2 communications database for the hosts to be defined. Entries will be required in SYSIBM.LOCATIONS and SYSIBM.IPNAMES at a minimum.
Must set up nnnnDIST and nnnnSPAS regions for each subsystem.
Must change ZPARM module to add STORPROC=nnnnSPAS and DDF=AUTO and MAXTYPE1=2. Also TCPALVER=YES to start with.
Must update the BSDS with a new DDF record with PORT= port number above and RESPORT= resync port number above. These numbers were chosen at random and are not below 1024, which are generally reserved by MVS. VTAM addresses!
In DB2 Connect use the Client Configuration Assistant to define the databases. The information above is required to set up each database system. Note the name is the local name in the subsystem. Use TCP/IP, and mark that the database is on the host. Under security select host security. After finishing the definition, it is worth going back into the properties and making sure that host security is still selected.
Using the Command Line Processor enter the commands
LIST DATABASE DIRECTORY
LIST NODE DIRECTORY
LIST DCS DIRECTORY
It is likely that the last of these will show there is no DCS directory. Define an entry with the command
CATALOG DCS DATABASE TECHDB2 AS TECHDB2
and run the LIST command again. Catalog any databases still missing from the DCS directory.
You will require the following:
started task should have LE runtime library in steplib and a dd for the tcpip parm file
DDF=AUTO or =COMMAND to allow either automatic start or manual start
CMTSTAT=number of DDF threads to allow
DB2 subsystem will have to be recycled to make this change effective
DDF LOCATION=anything,LUNAME=vtamname,PORT=ipport1,RESPORT=ipport2
LOCATION can be subsystem name, it is the database name when trying to connect via odbc
Requires DB2 subsystem to be stopped when DSNJU003 is run.
ODBC connection will require some DB2 software at the connecting location , e.g. Windows PC. This may be a suitable version of DB2 UDB for Linux, Unix, Windows, or it may have to be a copy of DB2 Connect. Depending on how DB2 for mainframe was ordered, if all the freebie products were ordered, then a copy of DB2 Connect Personal Edition (single licence) may already be available.
If you have to install DB2 Connect then we may be into some hard work. It requires some stored procedures and WLM environments (Goal mode). Also RRS is required.
For the stored procedure stuff, there should be a skeleton job DSNTIJCC in the install SDSNSAMP dataset. This should be copied to the subsystem customised SDSNSAMP dataset, customised and run. Note it names the WLM environments it expects to be there by default; these can be changed to fit in with any existing standards.
A collection of hard posts
The following ratings may be somewhat arbitrary, but for now they are the only way for prospective users to guess how much it cost to alter the speed of a z9 BC, which is governed by microcode.
In practice, there are only two models,
the R07, with up to three general purpose engines, and
the S07, with up to four.
All other distinctions are the result of microcode magic.
z9 BC MODEL HARDWARE MIPS SOFTWARE MSU
| MODEL | MIPS | MSU |
| A01 | 26 | 4 |
| B01 | 38 | 5 |
| C01 | 46 | 6 |
| A02 | 51 | 7 |
| D01 | 59 | 8 |
| E01 | 70 | 10 |
| A03 | 74 | 10 |
| B02 | 74 | 10 |
| F01 | 87 | 12 |
| C02 | 90 | 12 |
| B03 | 109 | 15 |
| G01 | 110 | 15 |
| D02 | 115 | 16 |
| H01 | 130 | 18 |
| C03 | 132 | 18 |
| E02 | 136 | 19 |
| I01 | 150 | 21 |
| D03 | 169 | 23 |
| F02 | 170 | 24 |
| J01 | 172 | 24 |
| R01 | 193 | 27 |
| L03 | 200 | 28 |
| N02 | 214 | 30 |
| S01 | 216 | 30 |
| K04 | 219 | 30 |
| T01 | 242 | 34 |
| M03 | 249 | 34 |
| O02 | 253 | 36 |
| L04 | 260 | 36 |
| U01 | 270 | 38 |
| P02 | 292 | 41 |
| V01 | 303 | 42 |
| N03 | 314 | 43 |
| M04 | 323 | 45 |
| Q02 | 335 | 47 |
| W01 | 340 | 47 |
| O03 | 372 | 52 |
| R02 | 376 | 52 |
| X01 | 380 | 53 |
| N04 | 409 | 56 |
| S02 | 421 | 59 |
| Y01 | 422 | 59 |
| P03 | 429 | 59 |
| T02 | 472 | 66 |
| Z01 | 480 | 67 |
| O04 | 483 | 67 |
| Q03 | 492 | 68 |
| U02 | 526 | 73 |
| R03 | 552 | 76 |
| P04 | 558 | 77 |
| V02 | 591 | 82 |
| S03 | 617 | 85 |
| Q04 | 640 | 88 |
| W02 | 663 | 92 |
| T03 | 692 | 95 |
| R04 | 718 | 99 |
| X02 | 741 | 103 |
| U03 | 772 | 106 |
| S04 | 803 | 111 |
| Y02 | 823 | 115 |
| V03 | 866 | 119 |
| T04 | 900 | 124 |
| Z02 | 936 | 130 |
| W03 | 972 | 134 |
| U04 | 1004 | 138 |
| X03 | 1086 | 150 |
| V04 | 1127 | 155 |
| Y03 | 1206 | 166 |
| W04 | 1264 | 174 |
| Z03 | 1373 | 189 |
| X04 | 1413 | 195 |
| Y04 | 1596 | 216 |
| Z04 | 1790 | 246 |
Linux and Unix related material
Network related material
In order to use SSL for TSO access follow a procedure similar to the one below.
First define a Certificate in RACF.
//* +--------------------------------------------------------------+
//* | DEFINE DIGITAL CERTIFICATES |
//* +--------------------------------------------------------------+
//GROUPS EXEC PGM=IKJEFT01
//SYSTSPRT DD SYSOUT=*
//SYSTERM DD DUMMY
//SYSTSIN DD *
PROF MSGID WTPMSG
/* CREATE SELF SIGNED CERTIFICATE */
RACDCERT ID(TCPSTC) -
GENCERT SUBJECTSDN(CN('some.name')) -
SIZE(1024) -
WITHLABEL('TN3270 SERVER SELF SIGNED CERT')
RACDCERT ID(TCPSTC) -
ADDRING(TN3270.SELFSIGNED.CERTIFICATE)
RACDCERT ID(TCPSTC) -
CONNECT(LABEL('TN3270 SERVER SELF SIGNED CERT') -
RING(TN3270.SELFSIGNED.CERTIFICATE) -
DEFAULT)
/* GIVE ACCESS TO NEW FACILITY CLASSES */
PERMIT IRR.DIGTCERT.ADD CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.ADDRING CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.CONNECT CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.DELETE CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.GENCERT CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.GENREQ CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.LIST CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.LISTRING CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
PERMIT IRR.DIGTCERT.REMOVE CLASS(FACILITY) ID(TCPSTC) ACC(CONTROL)
SETR RACLIST(FACILITY) REFRESH
/*
(assumes TCPIP is running under user TCPSTC)
Amend the TCPIP profile as follows to leave port 23 for non-SSL and defining port 9923 for SSL.
Eventually switching over after testing...
; ***********************************************************
; * Use these blocks to replace TELNETPARMS and add a *
; * TELNETGLOBALS block *
; * Add the following to the PORT list: *
; * 9923 TCP INTCLIEN ; Telnet 3270 Server *
; * Change the following port after BEGINVTAM *
; * Port 23 9923 *
; * To swap SSL ports 23 <-> 9923 change the port and *
; * secureport values in the TELNETPARMS blocks *
; ***********************************************************
; ---------------------------------------------------------------------
; Configure Telnet - Telnet Global Parms
; ---------------------------------------------------------------------
;
TELNETGLOBALS
TELNETDEVICE 3278-3-E NSX32703 ; 32 line screen -
; default of NSX32702 is 24
TELNETDEVICE 3279-3-E NSX32703 ; 32 line screen -
; default of NSX32702 is 24
TELNETDEVICE 3278-4-E NSX32704 ; 48 line screen -
; default of NSX32702 is 24
TELNETDEVICE 3279-4-E NSX32704 ; 48 line screen -
; default of NSX32702 is 24
TELNETDEVICE 3278-5-E NSX32705 ; 132 column screen-
; default of NSX32702 is 80
TELNETDEVICE 3279-5-E NSX32705 ; 132 column screen -
; default of NSX32702 is 80
LUSESSIONPEND ; On termination of a Telnet server connection,
; the user will revert to the DEFAULTAPPL
; instead of having the connection dropped
MSG07 ; Sends a USS error message to the client if an
; error occurs during session establishment
; instead of dropping the connection
CodePage ISO8859-1 IBM-1047 ; Linemode ASCII, EBCDIC code pages
Inactive 0 ; Let connections stay around
PrtInactive 0 ; Let connections stay around
TimeMark 600
ScanInterval 120
; SMFinit std
; SMFterm std
; Define logon mode tables to be the defaults shipped with the
; latest level of VTAM
ENDTELNETGLOBALS
;
; ---------------------------------------------------------------------
; Configure Telnet - NO SSL
; ---------------------------------------------------------------------
TelnetParms
Port 23 ; Port number 23 (std.)
WLMClusterName
TN3270E
EndWLMClusterName
EndTelnetParms
;
; ---------------------------------------------------------------------
; Configure Telnet - SSL
; ---------------------------------------------------------------------
TelnetParms
SECUREPORT 9923 ; SSL PORT NUMBER 9923
KEYRING SAF TN3270.SELFSIGNED.CERTIFICATE
CONNTYPE SECURE
CLIENTAUTH NONE
ENCRYPT
SSL_DES_SHA
ENDENCRYPT
WLMClusterName
TN3270E
EndWLMClusterName
EndTelnetParms
;
Point your 3270 emulator at port 9923 and change encryption from "none" to "SSL v3.0" or equivalent.
Documentation says:
"Ensure that the CICS region has access to the z/OS™ system SSL library SGSKLOAD by means of the STEPLIB or JOBLIB statements, or by using the system link library, as appropriate. "
This library no longer exists - don't worry.
Create RACF stuff.....
Define new FACILITY Classes as appropriate
Give access to new FACILITY Classes
Execute DFH£RING EX 'SYS1.CICSTS31.SETA.SDFHSAMP(DFH£RING)' + 'CICS GUI wuiservername FORUSER(CICSUSER)'
Create self-signed certificate
Minimum SIT parm change:
add KEYRING=Cics.Gui, (note case sensitive) TCPIPHOSTNAME(10.194.101.71) TCPIPPORT(1951) TCPIPSSL(YES) TCPIPSSLCERT(GUI-WEB-SERVER) <-- MUST be uppercase apparently remember to use https://.... when attempting to access the WUI.
In the sysplex each zOS image has an IP address for each OSA and a static VIPA address for the image.
A dynamic VIPA address will route users to either side of the plex.
To get to either image use the dynamic VIPA address - failure on either side will route the user to the other. May need to logon again.
To get to a specific side use the static VIPA - if an OSA fails it routes via the other.
To get to a specific OSA use its IP address explicitly.
OSPF via OMPROUTE should broadcast addresses throught the network ou to the switches.
EIGRP handles the addressing on the other side of the switch.
Windows / "Intel" related stuff
In order to suck data from z/OS for instance....
set up a .bat file in Windows containing something like this...
ftp -s:getplex1.txt
make a .txt (in this case getplex1.txt) like this...
open 10.194.101.66 i.e. the home address of the z/OS system
usprhpa i.e. your RACF userid
mar2007 i.e. your RACF password (oops)
prompt
ascii
cd /
cd 'sys1dd.proclib'
lcd cpsm
lcd proclib
mget Cts*
mget cics*
mget ctg*
mget cpsm*
cd /
lcd ..
cd 'cics.cts31d.sysin'
lcd parms
mget *
cd /
lcd ..
cd 'cics.cts31d.jcllib'
lcd jcl
mget *
cd /
lcd ..
cd 'cics.cts31d.tabsrce'
lcd tables
mget *
cd /
lcd ..
cd 'cics.ctg61d.stdenv'
lcd stdenv
mget *
lcd ..
quote site filetype=jes
put csdup.txt
close
quit
z/OS (MVS) related content
//**REXX**/
/*.................................................................
Analyse output from RACF LISTUSER (LU) command and save
the results in ISPF variables.
To use in your EXEC....
call TCSLU userid
then "ISPEXEC VGET (variables)"
where variables are....
ruser Userid
rname User name
rowner Owning group
rcrdate Create date
rdefgrp Default group
rpdate Password date
rpint Password interval
rattr1 Attributes
rattr2 Attributes
rrevdate Revoke date
rresdate Resume date
rlastacc Last access
rclasaut Class authorisations
rmodnme Model name
rinstdta Installation data
TSO TSO segment (Yes or No)
racctnum TSO account number
rhclass TSO hold class
rjclass TSO job class
rmclass TSO MSGCLASS
rproc TSO procedure
rsize TSO size
rmsize TSO maxsize
rsclass TSO storage class
runit TSO unitname
rudata TSO userdata
groups a concatenation of group information
.................................................................*/
parse upper arg ruserid
/*trace i*/
x= Outtrap("lu.",'*',"noconcat") /* Trap the output */
/* Issue the lu command */
ADDRESS "TSO" "LU "ruserid" TSO"
max_num= (lu.0 + 1) /* Max number of lines */
x= 1 /* Starting position */
racfline= '' /* init */
Do While Substr(lu.x,2,10) ^= '----------'
racfline= racfline||' '||lu.x /* build the concatenation*/
x= x + 1 /* next entry */
End
/*.................................................................*/
/* Parse The Header Information */
/*.................................................................*/
ruser= '' /* init */
rname= '' /* init */
rowner= '' /* init */
rcrdate= '' /* init */
rdefgrp= '' /* init */
rpdate= '' /* init */
rpint= '' /* init */
rattr1= '' /* init */
rattr2= '' /* init */
rrevdate= '' /* init */
rresdate= '' /* init */
rlastacc= '' /* init */
rclasaut= '' /* init */
Parse Value racfline with 'USER=' ruser,
'NAME=' rname,
'OWNER=' rowner,
'CREATED=' rcrdate,
'DEFAULT-GROUP=' rdefgrp,
'PASSDATE=' rpdate,
'PASS-INTERVAL=' rpint,
'ATTRIBUTES=' rattr1,
'ATTRIBUTES=' rattr2,
'REVOKE DATE=' rrevdate,
'RESUME DATE=' rresdate,
'LAST-ACCESS=' rlastacc,
'CLASS AUTHORIZATIONS=' rclasaut .
If (rattr2 = '') Then
Parse Value racfline with 'USER=' ruser,
'NAME=' rname,
'OWNER=' rowner,
'CREATED=' rcrdate,
'DEFAULT-GROUP=' rdefgrp,
'PASSDATE=' rpdate,
'PASS-INTERVAL=' rpint,
'ATTRIBUTES=' rattr1,
'REVOKE DATE=' rrevdate,
'RESUME DATE=' rresdate,
'LAST-ACCESS=' rlastacc,
'CLASS AUTHORIZATIONS=' rclasaut .
rattr1= Strip(rattr1,T,' ') /* remove leading blanks */
If (Substr(rlastacc,1,3) = 'UNK') Then Do /* UNKNOWN? */
rlastdte= Substr(rlastacc,1,7) /* last access date */
rlasttme= 'UNKNOWN' /* last access time */
End
Else Do
rlastdte= Substr(rlastacc,1,6) /* last access date */
rlasttme= Substr(rlastacc,8,8) /* last access time */
End
rattr= rattr1||' '||rattr2 /* Attributes */
rmodnme= '' /* Init */
rinstdta= '' /* Init */
rclasaut= '' /* Init */
Parse Value racfline with 'MODEL-NAME=' rmodnme .
Parse Value racfline with 'INSTALLATION-DATA=' rinstdta .
If (rmodnme = '' & rinstdta = '' ) Then
Parse Value racfline with 'CLASS AUTHORIZATIONS=' rclasaut,
'NO-INSTALLATION-DATA' rinstdta,
'NO-MODEL-NAME' .
Else
If (rmodnme ^= '' & rinstdta ^= '' ) Then
Parse Value racfline with 'CLASS AUTHORIZATIONS=' rclasaut,
'INSTALLATION-DATA=' rinstdta,
'MODEL-NAME=' rmodnme .
Else
If (rmodnme = '') Then
Parse Value racfline with 'CLASS AUTHORIZATIONS=' rclasaut,
'INSTALLATION-DATA=' rinstdta,
'NO-MODEL-NAME' .
Else
Parse Value racfline with 'CLASS AUTHORIZATIONS=' rclasaut,
'NO-INSTALLATION-DATA' rinstdta,
'MODEL-NAME=' rmodnme .
If (rinstdta= '') Then /* Installation Data? */
rinstdta= 'NONE' /* No- */
If (rclasaut= '') Then /* Class authorities? */
rclasaut= 'NONE' /* No- */
If (rmodnme= '') Then /* Model Name? */
rmodnme= 'NONE' /* No- */
x= 1 /* Starting position */
Do While Substr(lu.x,2,7) ^= ' GROUP=' /* obtain starting pos */
x= x + 1 /* next entry */
End
tso_start= x /* store for a while */
y= 0 /* Init */
Do While Substr(lu.x,1,15) ^= 'SECURITY-LEVEL='
If Substr(lu.x,3,6) = 'GROUP=' Then Do /* Group Entry? */
y= (y + 1) /* Next entry */
racfline.y= lu.x /* build the concatenation*/
x= (x + 1) /* Next entry */
End
Else Do
racfline.y= racfline.y||' '||lu.x /* Build the concatenation*/
x= (x + 1) /* Next entry */
End
End
/*.................................................................*/
/* Parse The Group Information ``` */
/*.................................................................*/
Group_count= y /* group count */
groups = ""
Do i = 1 to y /* get the group info */
Parse Value racfline.i with 'GROUP=' group.i,
'AUTH=' auth.i,
'CONNECT-OWNER=' connown.i,
'CONNECT-DATE=' conndte.i,
'CONNECTS=' connects.i,
'UACC=' uacc.i,
'LAST-CONNECT=' lastconn.i,
'CONNECT ATTRIBUTES=' connattr.i,
'REVOKE DATE=' revdate.i,
'RESUME DATE=' resdate.i .
z = words(connattr.i) - 1
connattr = word(connattr.i,1)
do z
connattr = connattr||','||word(connattr.i,z+1)
end
groups = groups||group.i||auth.i||connown.i||uacc.i||connattr||' '
End
/*.................................................................*/
/* Parse The TSO Segment */
/*.................................................................*/
racfline= '' /* init */
racctnum= '' /* Init */
rhclass= '' /* Init */
rjclass= '' /* Init */
rmclass= '' /* Init */
rproc= '' /* Init */
rsize= '' /* Init */
rmsize= '' /* Init */
rsclass= '' /* Init */
runit= '' /* Init */
rudata= '' /* Init */
x= tso_start /* init */
Do While (Substr(lu.x,1,15) ^= 'TSO INFORMATION') &,
(Substr(lu.x,1,18) ^= 'NO TSO INFORMATION')
x= x + 1 /* next entry */
End
TSO= 'No' /* No TSO information */
If (Substr(lu.x,1,18) = 'NO TSO INFORMATION') Then
do
TSO= 'No'
end
else
do
TSO= 'Yes' /* TSO information */
racfline= '' /* init */
Do While Substr(lu.x,1,9) ^= 'USERDATA='
racfline= racfline||' '||lu.x /* build the concatenation*/
x= x + 1 /* next entry */
End
racfline= racfline||' '||lu.x /* build the concatenation*/
Keyword= 'ACCTNUM=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
racctnum= Parsvar /* Keyword value */
Keyword= 'HOLDCLASS=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rhclass= Parsvar /* Keyword value */
Keyword= 'JOBCLASS=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rjclass= Parsvar /* Keyword value */
Keyword= 'MSGCLASS=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rmclass= Parsvar /* Keyword value */
Keyword= 'PROC=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rproc= Parsvar /* Keyword value */
Keyword= 'SIZE=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rsize= Parsvar /* Keyword value */
Keyword= 'MAXSIZE=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rmsize= Parsvar /* Keyword value */
Keyword= 'SYSOUTCLASS=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rsclass= Parsvar /* Keyword value */
Keyword= 'UNIT=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
runit= Parsvar /* Keyword value */
Keyword= 'USERDATA=' /* Keyword To Check */
Call Parse_It Keyword Racfline /* Let's Parse */
rudata= Parsvar /* Keyword value */
end
"ispexec vput (
ruser rname rowner rcrdate rdefgrp rpdate rpint rattr1 rattr2
)"
"ispexec vput (
rrevdate rresdate rlastacc rclasaut rmodnme rinstdta rclasaut
)"
/*
"ispexec vput (
group. auth. connown. conndte. connects. uacc. lastconn.
)"
"ispexec vput (
connattr. revdate. resdate.
)"
*/
"ispexec vput (
racctnum rhclass rjclass rmclass TSO groups
)"
"ispexec vput (
rproc rsize rmsize rsclass runit rudata
)"
exit
Parse_It: Procedure Expose Keyword Racfline parsvar therest
parsvar= '' /* init */
Parse Var racfline (Keyword) parsvar therest
Return /* Return To Caller */
Using the REXX
/* rexx */
call tcslu g540pw1
"ispexec vget (
ruser rname rowner rcrdate rdefgrp rpdate rpint rattr1 rattr2
)"
"ispexec vget (
rrevdate rresdate rlastacc rclasaut rmodnme rinstdta
)"
"ispexec vget (
racctnum rhclass rjclass rmclass TSO
)"
"ispexec vget (
rproc rsize rmsize rsclass runit rudata groups
)"
say substr(ruser,1,30) " Userid "
say substr(rname,1,30) " User name "
say substr(rowner,1,30) " Owning group "
say substr(rcrdate,1,30) " Create date "
say substr(rdefgrp,1,30) " Default group "
say substr(rpdate,1,30) " Password date "
say substr(rpint,1,30) " Password interval "
say substr(rattr1,1,30) " Attributes "
say substr(rattr2,1,30) " Attributes "
say substr(rrevdate,1,30) " Revoke date "
say substr(rresdate,1,30) " Resume date "
say substr(rlastacc,1,30) " Last access "
say substr(rclasaut,1,30) " Class authorisations "
say substr(rmodnme,1,30) " Model name "
say substr(rinstdta,1,30) " Installation data "
x = words(groups)
y = x / 5
say groups
say 'number of groups =' y
x = 1
do y
say "Group " word(groups,x)
say "AUTH " word(groups,x+1)
say "OWNER " word(groups,x+2)
say "UACC " word(groups,x+3)
say "ATTR " word(groups,x+4)
x = x + 5
end
if TSO = 'Yes' then
do
say substr(racctnum,1,30) " TSO account number "
say substr(rhclass,1,30) " TSO hold class "
say substr(rjclass,1,30) " TSO job class "
say substr(rmclass,1,30) " TSO MSGCLASS "
say substr(rproc,1,30) " TSO procedure "
say substr(rsize,1,30) " TSO size "
say substr(rmsize,1,30) " TSO maxsize "
say substr(rsclass,1,30) " TSO SYSOUT class "
say substr(runit,1,30) " TSO unitname "
say substr(rudata,1,30) " TSO userdata "
end