WebSphere Application Server for z/OS, Version 6.0.x   
             オペレーティング・システム: z/OS

             目次と検索結果のパーソナライズ化
このトピックは、z/OS オペレーティング・システムにのみ適用されます。

生成された指示のサンプル: セキュリティー・ドメイン

この項では、 カスタマイズ・ダイアログの生成した指示がどのように見えるかのサンプルを紹介します。 これはサンプルにすぎません。 ユーザーのシステムを構成する際には、 ユーザー独自の変数から生成された指示を使用する必要があります。

-----------------------------------------------                         
Instructions for customizing a WebSphere® for z/OS® security domain.     
                                                                        
The customization dialog has created jobs based on the information you          
provided. These instructions tell you how to modify the operating               
system and run the jobs to customize WebSphere for z/OS.               
                                                                        
RULES:                                                                          
                                                                        
1.
If you created the target data sets (*.CNTL and *.DATA) on another          
    (driving) system, you must copy them to the target system and give          
    them the same data set names.                                      
                                                                        
2.  You must perform these instructions on your target system.                                                                        
3. You will have saved the security domain definition values
    in a data set. These values will need to be loaded and used         
    when creating a stand-alone application server or a Network         
    Deployment environment.                                             
                                                                        
    ------------------------------------------------------------------- 
                                                                        
Running the customized jobs                                                     
---------------------------                                             
                                                                        
The customization dialog built a number of batch jobs with the                  
variables you supplied. You must run the jobs in the order listed               
below using user IDs with the appropriate authority.                    
                                                                        
The customization dialog for WebSphere for z/OS does not attempt to
update configuration data for your base operating system or existing            
subsystems.                                                             
                                                                        
BEFORE YOU BEGIN: You must copy the target data sets (*.CNTL and        
*.DATA) to your target system and give them the same data set names,    
and you must be running on your target system.                          
                                                                        
Follow the table below, which lists in order the jobs you must submit           
and the commands you must enter. Special handling notes are included            
in the table. All jobs are members of                                           
                                                                        
DATASET.CNTL.                                                           
                                                                        
Attention: After submitting each job, carefully check the output.       
Errors may exist even when all return codes are zero.                   
                                                                        
+-----------+----------------------------------------------------------+
| BBOSBRAJ  | User ID requirement: Authority to update data set        |
+-----------+                                                          |
| Done:     | DATASET.DATA.                                            |
|           |                                                          |
|           | This job builds (but does not execute) the RACF® commands |
| By:       | for the WebSphere for z/OS security domain and places    |
|           | them into member BBOSBRAK of data set                    |
|           |                                                          |
|           | DATASET.DATA.                                            |
|           |                                                          |
|           | Carefully review these definitions with your security    |
|           | administrator.                                           |
+-----------+----------------------------------------------------------+
| BBOSBRAK  | User ID requirement: RACF special authority.             |
+-----------+                                                          |
| Done:     | This job instantiates the security rules set up in the   |
|           | previous job by invoking RACF commands.                  |
|           |                                                          |
|           | RESULT: You may receive errors, such as INVALID USER     |
|           | messages, from this job because a user ID, group  or     |
|           | profile is already defined.  Make sure the existing      |
|           | user ID, group or profile has the same characteristics   |
|           | as the user ID, group or profile being created by        |
|           | BBOSBRAK.  If not, then change the values in the         |
|           | customization dialog which are causing the conflict,     |
|           | regenerate the customization jobs, and restart the       |
|           | process.                                                 |
| By:       |                                                          |
|           |                                                          |
|           |                                                          |
|           |                                                          |
+-----------+----------------------------------------------------------+
| --------- | Activating the APPL class (optional)                     |
+-----------+                                                          |
| Done:     | The following APPL profile is created by BBOSBRAK with   |
|           | UACC(READ) and permitted to the unauthenticated user     |
|           | group WSCLGP:                                            |
|           |                                                          |
|           | CB390                                                    |
|           |                                                          |
|           |                                                          |
| By:       | However, in order to make use of APPL profile security   |
|           | with WebSphere for z/OS, you must also activate the RACF |
|           | APPL class globally with the command:                    |
|           |                                                          |
|           |      SETROPTS CLASSACT(APPL)                             |
|           |                                                          |
|           | Consult with your site security administrator before     |
|           | issuing this command, as it affects all RACF-controlled  |
|           | applications that check the APPL class.  See the WAS     |
|           | InfoCenter for more information on implementing security |
|           | using APPL class profiles.                               |
|           |                                                          |
+-----------+----------------------------------------------------------+



関連資料
関連情報
生成済みカスタマイズ手順に従う: セキュリティー・ドメイン
参照トピック    

ご利用条件 | フィードバック

最終更新: Jan 21, 2008 10:52:11 PM EST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/rins_dialogsteps_sampinst1.html