Define the OPSYS Administrator ID With CA-Top Secret

The server administrator ID requires an OMVS segment.

To define the server administrator ID with eTrust CA-Top Secret:

  1. Create a department ID for everyone defined to eTrust CA-Top Secret who will be using the server, by issuing the command
    TSS CRE(dept) TYPE(DEPT) NAME('formal department name')

    where:

    dept

    Is the name of the department you are creating.

    formal department name

    Is the label you want to associate with the new department.

  2. For users within the department you just created for the server, you can define resource access within a group. To define an ID for that group, issue the following command
    TSS CRE(deptgrp) NAME('dept group') DEPT(dept) TYPE(GROUP) GID(n)

    where:

    deptgrp

    Is the name of the group you are creating.

    dept group

    Is the label you want to associate with the new group.

    dept

    Is the name of the department you created.

    n

    Is the number you want to assign to the new group.

  3. Create the iadmin ID and attach it to the new department by issuing the following commands: 
    TSS CRE(iadmin) NAME('iadmin id')

TYPE(USER) DEPT(dept) PASSWORD(pass)

GROUP(deptgrp) DFLTGRP(deptgrp)

    where:

    iadmin

    Is the ID you are creating to administer the server.

    iadmin id

    Is the label you want to associate with the new ID.

    dept

    Is the name of the department that you created.

    pass

    Is the password for the ID you are creating.

    deptgrp

    Is the group you created.

  4. Issue the following command to define the user's USS shell program (using OMVSPGM), facility access (using FAC), and, optionally, the initial directory (using HOME).

    The OMVS segment of the ACID defines the ACID's UID, the user's home directory, and the initial program that the user will run. The initial program is generally the shell program that the user invokes.

    TSS ADD(iadmin) UID(n) [HOME(/u/dir)] OMVSPGM(/bin/sh) FAC(BATCH,TSO)

    where:

    iadmin

    Is the ID you created to administer the server.

    n

    Is the UID. It cannot be 0 (zero).

    HOME

    Defines the initial directory path name. If it is omitted, USS sets the user's initial directory to the root directory.

    dir

    Is the ID home directory.

  5. Issue the following command
    TSS PER(iadmin) IBMFAC(BPX.FILEATTR.APF) ACC(READ)

    where:

    iadmin

    Is the ID you created to administer the server.

  6. Continue by verifying the server administrator ID, as described in Verify the OPSYS Administrator ID.