The programs that the CICS® Configuration Manager batch and ISPF clients use to create PassTickets are authorized programs; they must reside in an APF-authorized library. In addition, the program that creates PassTickets for the ISPF client must be authorized within TSO/E.
For the batch client, the authorized program that creates PassTickets is the main batch client interface program CCVBMAIN. For the ISPF client, the authorized program is CCVSCRPT. Both programs are supplied in the CICS Configuration Manager authorized program load module library SCCVAUTH.
To enable PassTicket processing for the batch client:
CCVBMAIN uses load modules in the SCCVAlang library. If you APF-authorize SCCVAUTH and add it to the STEPLIB, and you also add SCCVAlang to the STEPLIB, then you must APF-authorize SCCVAlang. All of the libraries in the STEPLIB must be authorized, otherwise CCVBMAIN will not run as an authorized program: it will not be able to create a PassTicket, and it will not be able to successfully connect to the CICS Configuration Manager server via an authenticated port.
For an example of JCL that invokes the batch client, see Figure 1.
To enable PassTicket processing for the ISPF client:
and
For example, edit the SYS1.PARMLIB member IKJTSOxx, and add CCVSCRPT to the following two lists:
AUTHPGM NAMES(
⋮
CCVSCRPT
⋮
)
AUTHTSF NAMES(
⋮
CCVSCRPT
⋮
)
SYS1.PARMLIB is a standard library name. However, your system might use a different naming convention: ask your system administrator.
For more details on authorizing a program to TSO/E, see z/OS: TSO/E Customization.
If you are also using CICS Configuration Manager V1.2
If you have both CICS Configuration Manager V2.1 and V1.2, then remove the V1.2 SCCVAUTH library from the APF-authorized list, to ensure that you use the CCVSCRPT program in the Version 1.2 SCCVAUTH library. The V2.1 CCVSCRPT program is backwardly compatible with V1.2 of CICS Configuration Manager. However, the V1.2 CCVSCRPT program has not been tested with V2.1.