Some installations want to avoid that users need to logon to TPX itself; instead users should be presented directly with the Session List when they select TPX. This document describes how this can be realized.
The concept is to assign the Terminal name as userid for every user and to switch off Security. The user then is directly taken to the TPX Main menu showing the list of sessions. When logging on to the Application the Security System checks userid and password for the given Application.
Here is a description of what to do in order to avoid users having to logon to TPX itself:
- Go to TPXADMIN, select '2 - TPX System Options', then '6 - Terminal Options Specification' and select an existing or create a new Terminal Option Table. In that Table define one single entry. In that entry define
- on the first panel
"Terminal Mask:" ********
- on the third panel
"Change Signoff to Logoff:" Y - this logs off the user even if they only signoff using /F. We avoid that the TPX-Logon panel is shown when users end their session.
"Use Terminal name as Userid (Autosign):" Y - this lets users logon to TPX using the terminal as userid.
With TPXOPER Command "RELOAD TRM=name_of_table" (NOT name_of_entry in the table!) you assure that the changes become effective.
- Specify the Terminal Option Table in the TPX-Startjob:
//TPX PROC TPREFIX='TPX', TPX DATASET NAME PREFIX
// VNODE=APTPX, THE TPX APPL MEMBER IN VTAMLST
// SMRT=SMRTTEST, SYSTEM OPTIONS TABLE
// ACT=ACTTEST, APPL CHARACTERISTICS TABLE
- Remove the Security System in that TPX. This can be done in the SMRT.
Go to TPXADMIN, select '2 - TPX System Options', then '1 - System Options (SMRT)', select the SMRT in use, then '9 Security Parameters'.
Here enter NONE in the field "Security System".
- In the fifth panel of SMRT allow dynamic users by using these parameters:
* Dynamic Users Allowed: Y
* Save Dynamic Users: N
* Default Dynamic User Profile: xxxxxxxx'Dynamic Users Allowed' specified that you need not to define the users but that they are getting their session list via a profile.
Specify a profile instead of 'xxxxxxxx'. This profile need to be defined now and will contain all Applications for the users.
- Define the Profile
Go to TPXADMIN, select '1 - TPX User/Group Maintenance', then '2 - Profile Maintenance' and enter 's xxxxxxxx' where xxxxxxxx is the profile you specified in the fifth panel of SMRT.
In '1 TPX User Options' you may define on the second panel the "Security System" as 'NONE' is you do not want to change that setting in the SMRT (see Step 3. above).
In '1 TPX User Options' on the second panel you need to specify "Inactivate on:" = 'F' to make sure that CICS ends the session when you leave the CICS-Session by using /F or /K. Alternatively you can use "Transfer option:" = 'MULT' on the same panel. With this option set TPX inactivates the user's sessions on sign off. Don't be disturbed by the 'MULT' - with the impossibility of having identical terminal names in one VTAM you cannot logon multiple times with one user. But this option does successfully end your sessions, even if you just switch off the Terminal Emulation. If you do not use this 'MULT'-option you need to use the TPXUSIST-Exit and make sure it ends with Returncode = 4 in the Callpoint 8. Details of that can be found in the document TEC477403.
In '2 TPX Application Session Options' you define all the applications the users should have in their selection list.
After a restart of TPX the Terminal name will be used as a userid. Security Validation will not be performed - this takes place when the users log on to their Applications.
For Administration purpose you need to setup a second TPX that only administrator(s), and helpdesk people, can get onto. This TPX need to share the ADMIN-files with the first one. To allow the Administrators to log on setup a second TPX-Start Job which differs from the first one in one step: Do not define a Terminal Option Table by using "TMASK=" in that Job. This will present the users with the TPX-Logon screen where they need to logon.
You need to define the Administrators of that TPX as static users in TPXADMIN. You also need to define the Applications (mainly TPXADMIN and TPXOPER) which they need to access from that second TPX in their User Settings or Profile.
When an administrator or helpdesk person needs access these are the steps they need to follow.
- Sign on to the second TPX
- Select TPXADMIN to do any administrative or helpdesk work that needs to be done.
If you do not want to use two TPX-regions but only one this can be done under one condition:
The Administrators have fixed physical terminal names under which they logon every day. If they get their physical terminal assigned from a pool the names of the terminals need to be distinct from the names the dynamic users have. Best would be if the administrators use physical terminals with a different prefix (say 'AD' for example) than the other users. If this is given, you can add a second entry in the Terminal Option Table mentioned in Step 1. above.
That second entry should specify the prefix (here "AD------") and on the third panel specify in field "Use Terminal name as Userid (Autosign):" N (NO).
The name of the entry need to be first in alphabetical order so that it is checked first when users log on:
TPX Terminal Options Table Entry List
Panelid - TEN0141
Command ===> Userid - XXXXXXX
Termid - A54L901
Terminal Options Table: ABCDEF Date - 01/11/12
Time - 11:11:11
Entry Mask characters
****************************** BOTTOM OF DATA *****************************
When an Administrator now logs on from a physical terminal whichs name starts with 'AD' the first Entry in the Terminal Options Table is used and he is presented the TPX Logon screen. This is because his physical Terminal Id will not be used as his userid, and he is defined as static.