1) Have your security group temporarily recreate one of the CA PanAPT administrator's TSO ids
2) log on to TSO using the administrator's TSO id
3) update the CA PanAPT USERID table in the CTL - Control file maintenance option
4) add the new TSO userids and set the Admin flag as needed
5) verify the new Administrator user ids are working
6) have your security group delete the recreated TSO id again.