The Profile Management Tool and the zpmt command
generate jobs that help you create the necessary System Authorization
Facility (SAF) profiles—such as STARTED, CBIND, or SERVER—that enable
your server to run.
At runtime, normal SAF specific and generic profile matching uses
a combination of the cell short name, cluster short name (or cluster
transition name for a non-clustered server), server short name, and
the SAF profile prefix (if one is specified) to select the appropriate
matching profile.
WebSphere
® Application Server for z/OS
® uses
two schemes, specific and generic, in the creation of SAF profiles:
- With the specific profile scheme, a set of fully-qualified specific
profiles is created to exactly match the short names that apply to
the server you customize.
- With the generic profile scheme, a set of generic profiles is
also created (the STARTED class BBO*.* profiles for example) The purpose
of these generic profiles is to provide a default profile for any
server that is created administratively and that has a default name
so that the servers can operate successfully by default.
Examples:
- An application server created through the administrative console
has a default server short name of BBOSnnn and
a cluster short name (or cluster transition name for a non-clustered
server) of BBOCnnn, where nnn is
a unique number. By default, this server can start using the BBO*
generic profiles.
- Node federation creates a node agent server. If the base application
server that you federate is configured with a Java™ Message
Service (JMS) integral provider, then a standalone JMS server is also
created. The node agent has a default name of BBONnnn and
the JMS server is BBOJnnn, where nnn is
a unique number. By default, these servers can start using the BBO*
generic profiles.
The generic profiles that are created are not required and exist
only for your convenience in case you use the default server short
names and cluster short names (or cluster transition names for non-clustered
servers) generated by WebSphere Application Server
for z/OS. You can choose to delete the generic profiles
if, for example, your organization has particular naming conventions
and you will not use the default names generated by WebSphere Application
Server for z/OS. In that case, ensure that you have your
own strategy for creating the required SAF profiles, either generic
or specific, with your own naming convention—WebSphere Application
Server for z/OS does not create them for you.