Define CICS Configuration Manager system options
When the CICS® Configuration Manager server starts, it looks in the repository for a system options record. Among other data, this record specifies:
- The IP addresses and port numbers on which the server listens for clients
- If you are using CICSPlex® SM, the context name of the local CMAS
Before starting the server, you need to initialize the repository by creating this system options record and supplying initial values for the system options.
Edit and submit the JCL in the following member of the sample library SCCVSAMP:
- CCVXSYSO
- Defines system options.
The system options are represented in the member by the following parameters:
- PackageApprovals
- PackageAutoNumber
- TransformRulesActive
- SecurityActive
- ObjectSecurityActive
- AutoRemoveDeletedGroups
- ExitPoints
- You can specify the value of these system options as either Y (active) or N (inactive). If you omit one of these system options from the JCL, the default value is N. For a description of these system options, see Table 1.
- SAFClass
- ObjectSAFClass
- The system authorization facility (SAF) resource class that you
want to use for each type of CICS Configuration
Manager security checking:
for server API commands (SAFClass) and for resource definition keys
(ObjectSAFClass).
XFACILIT is the default value for both of these system options. If you decide to use a different resource class, see Requirements for a resource class for security checking.
The values of SAFClass and its related option SAFPrefix are only used when CICS Configuration Manager security checking for server API commands and CICS region security checking are both active (system option SecurityActive=Y and SIT parameter SEC=YES).
The values of ObjectSAFClass and its related option ObjectSAFPrefix are only used when CICS Configuration Manager security checking for resource definition keys and CICS region security checking are both active (system option ObjectSecurityActive=Y and SIT parameter SEC=YES).
For more information about CICS Configuration Manager security checking, see Restricting access to API commands and resource definitions.
- SAFPrefix
- The prefix that CICS Configuration
Manager adds
to the SAF resource keys (known as "security keys") for server
API command security checking. The default value is CCVAPI.
For details on the format of these security keys, see Security keys for API commands.
- ObjectSAFPrefix
- The prefix that CICS Configuration
Manager adds
to the security keys for resource definition key security checking.
The default value is CCVRES.
For details on the format of these security keys, see Security keys for resource definitions.
- CICSPlexMPname
- (Required only if your system uses CICSPlex SM.)
The 1- to 8-character name of the local CMAS that manages the MAS in which the CICS Configuration Manager server runs. Typically, this CMAS would be a maintenance point (MP), but this is not a requirement. (For details on MP locations, see Location of maintenance point CMAS.)
This name must match the CICSPlex SM system parameter NAME of the local CMAS (specified in the extrapartition transient data queue COPR, ddname EYUPARM).
Furthermore, the CICSPlex SM system parameter CMASSYSID of the MAS must match the SYSID of the local CMAS.
The following figure illustrates these values and their relationships:
Figure 1. CICS Configuration Manager system option CICSPlexMPname must match EYUPARM NAME of local CMASThe CICS Configuration Manager server uses this CMAS name to send requests to the CICSPlex SM API.
If these values are inconsistent, then, when CICS Configuration Manager attempts to send a CICSPlex API request to the CMAS, CICSPlex SM responds with an exception: return code 1028 (INVALIDPARM), reason code 1282 (CONTEXT).
- UnauthenticatedPortNumber
- UnauthenticatedPortName
- AuthenticatedPortNumber
- AuthenticatedPortName
- SSLPortNumber
- SSLPortName
- The CICS Configuration
Manager server
can listen for clients on three types of TCP/IP port:
- Unauthenticated and unencrypted
- Authenticated and unencrypted
- Authenticated and encrypted using the secure sockets layer (SSL)
If you decide not to specify a particular port type, then delete the associated parameters from the JCL.
You cannot share port numbers between port types. Ask your network administrator for spare port numbers that you can allocate to CICS Configuration Manager.
The port "names" are the names of the TCPIPSERVICE resource definitions that the CICS Configuration Manager server dynamically defines for each port when the server initializes. (You do not need to define these resource definitions statically in the CSD file.) The default names for the unauthenticated, authenticated, and SSL ports are CCVNONE, CCVBASIC, and CCVSSL, respectively. If you specify a port number without a name, then the port is defined with the default name. However, if you specify a port name without a number, then the name is ignored, and the port is not defined.
- ServerIPAddress
- The IP address of the host system, as defined in its TCP/IP profile.
You must specify this address as one of the following:
- An IP address in dotted decimal form (nnn.nnn.nnn.nnn where nnn is 0 - 255)
- The literal string INADDR_ANY (for details, see the description of the IPADDRESS attribute of the TCPIPSERVICE resource definition in CICS Transaction Server for z/OS®: CICS Resource Definition Guide)
Proxy servers not supported: You might not be able to connect to a CICS Configuration Manager server via a proxy server.
Changing system options after installation
To change the system options for the CICS Configuration Manager server IP address, ports, or CICSPlex SM MP name after installing CICS Configuration Manager:
- Create a copy of the sample JCL member CCVXSYSO.
- Edit the copy so that it no longer affects the journal,
as follows:
- Edit the JCL so that it no longer deletes and then re-creates the journal: either remove the DELETE and CREATE steps, or add RESTART=PRIME1 to the job card (to skip those steps).
- In step PRIME1, change the line that begins //JNL DD to //JNL DD DUMMY
- Remove step PRIME2.
- Issue the following CICS command
to close the CICS Configuration
Manager repository
file, so that it is available to the batch process in the next step:
CEMT SET FILE(CCVDDD) CLO
- Submit the edited copy of the JCL.
Running this job overwrites all CICS Configuration Manager system options, not just the system options for the parameters that you specify in the job. If you re-run this job, specify all parameters again, not just the ones you want to change. Before re-running the job, use CICS Configuration Manager ISPF dialog option 1.1 System Options to view current system option values.
- Run the CICS Configuration
Manager server
initialization program CCVINIT to re-initialize the CICS Configuration
Manager server, so that
it uses the latest system options in the repository. For details,
see Start the CICS Configuration Manager server.Tip: To run program CCVIINIT, invoke the transaction CCVI on the command line of a CICS terminal.
To change all other system options, you can use the CICS Configuration Manager ISPF dialog option 1.1 System Options.