ibi WebFOCUS Reporting Server System ID (iserver)
If you plan to run the server with security provider OPSYS, you must create a user ID for internal use by the server. The server will use this server system ID when it needs superuser privileges. For example, it will use it to impersonate a connected user when the server agent is created.
This ID does not need TSO logon privileges. All IDs require an OMVS segment. Be sure never to delete this ID. Doing so would cause server administration problems.
The sample ID name iserver is used throughout the installation procedure to refer to this ID, but you can choose any name.
You can define this server system ID as either:
- A superuser ID. This is an ID whose security definition
specifies UID(0), authorizing it to perform all z/OS UNIX functions
without restriction.
To define iserver using a superuser ID, if you are using:
RACF, see Define the System User ID With RACF.
CA-ACF2, see Define the System User ID With CA-ACF2.
CA-Top Secret, see Define the System User ID With CA-Top Secret.
- An ID employing profiles with UNIXPRIV for authorization, which
is necessary for certain superuser privileges.
By granting limited superuser privileges with a high degree of granularity to an ID that does not have superuser authority, you minimize the number of assignments of superuser authority at your installation and reduce your security risk.
This is supported for sites using RACF, eTrust CA-ACF2®, and eTrust CA-Top Secret. Note that global access checking is not used for authorization checking to UNIXPRIV resources.
To define the iserver using UNIXPRIV profiles, see Define the System User ID With UNIXPRIV Profiles.