[z/OS]

Sample generated instructions: Common MVS groups and users

This article presents a sample of what the Customization Dialog's generated instructions might look like. This is a sample only--you need to use the instructions generated from your own variables when configuring your system.

-----------------------------------------------                            
Instructions for customizing a WebSphere® for z/OS® common MVS groups and  
users.                                                                    
                                                                          
The customization dialog has created jobs based on the information you     
provided. These instructions tell you how to modify the operating          
system and run the jobs to customize WebSphere for z/OS.                      
                                                                               
RULES:                                                                          
                                                                                
1.  If you created the target data sets (*.CNTL and *.DATA) on another          
    (driving) system, you must copy them to the target system and give          
    them the same data set names.                                               
                                                                                
2.  You must perform these instructions on your target system.                  
                                                                                
3.  You will have saved the z/OS security definition values                     
    in a data set. These values will need to be loaded and used                 
    when creating a stand-alone application server or a Network                 
    Deployment environment.                                                     
                                                                                
    -------------------------------------------------------------------         
                                                                                
Running the customized jobs                                                     
---------------------------                                                     
                                                                                
The customization dialog built a number of batch jobs with the                  
variables you supplied. You must run the jobs in the order listed               
below using user IDs with the appropriate authority.                            
                                                                                
The customization dialog for WebSphere for z/OS does not attempt to             
update configuration data for your base operating system or existing            
subsystems.                                                                     
                                                                                
BEFORE YOU BEGIN: You must copy the target data sets (*.CNTL and                
*.DATA) to your target system and give them the same data set names,            
and you must be running on your target system.                                  
                                                                                
Follow the table below, which lists in order the jobs you must submit           
and the commands you must enter. Special handling notes are included            
in the table. All jobs are members of                                           
                                                                                
HOLLOW.WASBB61.CNTL.                                                            
                                                                                
Attention: After submitting each job, carefully check the output.               
Errors may exist even when all return codes are zero.                           
                                                                                
+-----------+----------------------------------------------------------+        
|           | The following three jobs (BBOSBRAJ, BBOSBRAK, BBOSBRAM)  |        
|           | do not need to be run if the indicated groups, user IDs  |        
|           | and directories already exist with the correct gid,      |        
|           | uid and ownership permission values, as given below.     |        
+-----------+----------------------------------------------------------+        
| BBOSBRAJ  | User ID requirement: Authority to update data set        |        
+-----------+                                                          |        
| Done:     | USERID.WASBB61.DATA.                                     |        
|           |                                                          |        
|           | This job builds (but does not execute) the RACF® commands |        
| By:       | to create common WebSphere for z/OS groups and user IDs: |        
|           |                                                          |        
|           |  Configuration group:   WSCFG1 (gid 2500)                |        
|           |  Servant group:         WSSR1 (gid 2501)                 |        
|           |  Local user group:      WSCLGP (gid 2502)                |        
|           |  HFS owner user ID:     WSOWNER (uid 2405)               |        
|           |                                                          |        
|           | The commands are placed into member BBOSBRAK of data set |        
|           | USERID.WASBB61.DATA.                                     |        
|           |                                                          |        
|           | Carefully review these definitions with your security    |        
|           | administrator.                                           |        
+-----------+----------------------------------------------------------+        
| BBOSBRAK  | User ID requirement: RACF special authority.             |        
+-----------+                                                          |        
| Done:     | This job executes the RACF commands created by the       |        
|           | previous job.  If the group and user IDs named above     |        
|           | have already been created during a previous WebSphere    |        
|           | for z/OS configuration and are in all target system RACF |        
|           | database(s), you do not need to rerun this job.          |        
|           |                                                          |        
|           | RESULT: You may receive errors, such as INVALID USER     |        
|           | messages, from this job because a user ID, group  or     |        
|           | profile is already defined.  Make sure the existing      |        
|           | user ID, group or profile has the same characteristics   |        
|           | as the user ID, group or profile being created by        |        
|           | BBOSBRAK.  If not, then change the values in the         |        
|           | customization dialog which are causing the conflict,     |        
|           | regenerate the customization jobs, and restart the       |        
|           | process.                                                 |        
|           |                                                          |        
|           | When this step is complete, all groups and user IDs      |        
|           | listed above for job BBOSBRAJ should be defined in the   |        
|           | RACF database on each target system for the cell.        |        
|           | Note: the WAS owner user ID WSOWNER MUST have the WAS    |        
|           | configuration group WSCFG1 as its default OMVS group.    |        
|           |                                                          |        
| By:       |                                                          |        
|           |                                                          |        
+-----------+----------------------------------------------------------+        
| BBOSBRAM  | User ID requirement: UID=0.                              |        
+-----------+                                                          |        
| Done:     | This job creates home directories for WebSphere for z/OS |        
|           | user IDS. These home directories will be subdirectories  |        
|           | of /var/WebSphere/home                                   |        
| By:       |                                                          |        
|           | This job will:                                           |        
|           |                                                          |        
|           | Create the following directory with permission bits 755: |        
|           |  /var/WebSphere/home                                     |        
|           |                                                          |        
|           |  Create the following directory with ownership           |        
|           |  WSOWNER:WSCFG1 and permission bits 770:                 |        
|           |                                                          |        
|           |   /var/WebSphere/home/WSCFG1                             |        
|           |                                                          |        
|           |  Create the following directory with ownership           |        
|           |  WSOWNER:WSSR1 and permission bits 770:                  |        
|           |                                                          |        
|           |   /var/WebSphere/home/WSSR1                              |        
|           |                                                          |        
|           |  Create the following directory with ownership           |        
|           |  WSOWNER:WSCLGP and permission bits 770:                 |        
|           |                                                          |        
|           |   /var/WebSphere/home/WSCLGP                             |        
|           |                                                          |        
|           | This job should be run on each z/OS system that will     |        
|           | host WebSphere Application Server nodes using these      |        
|           | WebSphere for z/OS common groups and owner user ID.      |        
|           | After execution, verify that the directories have been   |        
|           | created with the correct permissions on each system.     |        
|           |                                                          |        
|           | If these directories already exist with the specified    |        
|           | ownership and permission on a target system, then this   |        
|           | job does not need to be run on that system.              |        
|           |                                                          |        
|           | ATTENTION: If the directory                              |        
|           |  /var/WebSphere/home                                     |        
|           | is used by applications other than WebSphere Application |        
|           | Server, make sure that the permissions set by            |        
|           | BBOSBRAM (755) are appropriate, or change them manually. |        
|           | This directory must be world-readable for Websphere      |        
|           | Application Server to run correctly.                     |        
+-----------+----------------------------------------------------------+        
                                                                        
+-----------+----------------------------------------------------------+



Related reference
Related information
Following the generated customization instructions: Security domain
Reference topic Reference topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 4:28:44 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-mp&topic=rins_dialogsteps_sampinst1grp
File name: rins_dialogsteps_sampinst1grp.html