CA Cleanup for Top Secret: Tracking File Considerations in a Multiple LPAR environment

Document ID : KB000055303
Last Modified Date : 14/02/2018
Show Technical Document Details



When implementing CA Cleanup for Top Secret in an environment with more than one LPAR, there are a few things to consider in order to ensure optimal usage and functionality of the Cleanup tool. Below are some typical environment configurations with recommendations on tracking file setup based on security database sharing and CA Top Secret's Command Propagation Facility (CPF) enablement.




Environment 1:


SYSA and SYSB share one security database, no CPF.

-> It is recommended to use one shared tracking file.

The use of two tracking files is supported but not common. Using two tracking files may be used in the situation where IBM's Global Resource Serialization (GRS) or CA's Multiple Image Manager (MIM) cannot be used to propagate enqueues. This setup, however, is not recommended since there is additional overhead with maintaining, reporting on and reloading multiple tracking files. If using two tracking files, always report using both tracking files as input, because this is actually one security system.

Environment 2:



SYSA and SYSB have separate security databases, CPF connected.

-> Do not use a single shared tracking file!

Report using both tracking files as input because this is one logical security system. Use the CFILE from whatever system is considered "master".

Environment 3:



SYSA and SYSB have separate security databases, no CPF.

-> Do not use a single shared tracking file!

As long as separate security databases are in use, the only way to accurately track referenced or unreferenced items is by having one tracking file per security database. Report separately because these are two distinct security systems.


Additional Information:


Refer to CA Cleanup for Top Secret Product Guide for more details.