The following tasks must be implemented in order for MSO to operate correctly:
FOCLIB.LOAD, the FOCUS load library, must be an APF-authorized library, in order to activate MSO security and many other MSO features.
Note: If FOCLIB.LOAD is authorized, then all other load libraries allocated to MSO must be authorized, unless Internal APF Authorization is activated.
Make sure that the MSO address space is non-swappable. An entry in the MVS PPT should be added to SYS1.PARMLIB(SCHEDnn) as follows:
PPT PGMNAME(SSCTL) NOSWAP CANCEL
Do not use the KEY 0 parameter, or any other parameter (such as NOPASS), unless the consequences of adding the parameter are completely understood by the system programmer.
Note: FOCLIB.LOAD must be APF-authorized in order for MSO to be non-swappable.
If MSO is running as a started task, make sure that MSO will not have special security authorization, as is common with started tasks. This will interfere with the user-level security of MSO. Under RACF, there is a Started Task Table that allows the site to specify that MSO will not have special authorization. Other security packages have different requirements. See MSO Security for further information.
Print files produced by MSO users have the MSO job's name printed on the banner pages. If desired, you can update JES2 to print MSO users' userids instead.
The IBI Subsystem must be installed if any of the following MSO or FOCUS facilities will be used:
CICS access to MSO.
TSO access to MSO.
MSOKILL, an alternate method of stopping MSO.
Simultaneous Usage (SU).
The BMP extension of the FOCUS/IMS-DB data adapter.
SmartMode, which uses SU.
If all access to MSO will be via VTAM, and neither SU, MSOKILL, nor the BMP extension will be used, then skip this step and do not allocate ddnames MSGET and MSPUT in the MSO JCL.
If you are using external security you must set up your security package to work properly with MSO. MSO Security provides details on setting up RACF, CA-ACF2, and CA-TOP SECRET to work with MSO security.
Assign a VTAM APPLID for each MSO address space which you will run, and, if desired, one for the MSO Console for each address space.
Each applid must be able to support multiple LU2 sessions, much like a CICS APPLID.
This sample VTAMLST member for MSO may be found in member LU2DEF of MSO.DATA:
*=====================================================================*
* MSO VTAM Definitions *
*---------------------------------------------------------------------*
* This member defines the APPL statements and major node *
* needed by MSO to properly utilize VTAM. Copy it to *
* SYS1.VTAMLST (or your site's equivalent data set). Make *
* sure it is added to ATCCON00 (or your site's member) *
* so it will automatically be started during VTAM *
* initialization. *
*=====================================================================*
*
APPLMSO VBUILD TYPE=APPL Application major node
*
*=====================================================================*
*
FOCUS APPL AUTH=(VPACE),EAS=10,PARSESS=YES
CONSOLE APPL AUTH=(VPACE),EAS=10,PARSESS=YES
*
*=====================================================================*
Information Builders |