CA Top Secret r15 fix RO68239 introduces a new mirrored security file enhancement.
This enhancement can only be leveraged if SHRFILE(NO) is set.
As noted above, the mirror option can only be leveraged when SHRFILE is set to NO.
If SHRFILE(YES) is set, and the MIRROR parameter is set to MIRROR(ON), the following messages will result at startup:
TSS9247E Mirror File not supported with Shared Secfile
TSS9248I Security file Mirroring is Disabled
RO68239 will not only introduce the necessary TSS code to deal with this new brand feature, it will also modify and/or add some members to CAKOJCL0installation library: TSS, TSSB, TSSM, TSSMAINM and VSAMDEFM.
Here are the go to the quick steps:
- Edit CAKOJCL0(VSAMDEFM), update it to comply with your standards.
Submit it. It will allocate your VSAM MIRROR file.
Note: It's important that the REUSE attribute is set.
- Edit CAKOJCL0(TSSMAIM), update it to comply with your standards.
Submit it. It will allocate your MIRROR BDAM file and initialize your MIRROR BDAM and VSAM files.
Note: The MIRROR BDAM file definition must identical to your PRIMARY BDAM file definition.
- Modify your CA Top Secret STC procedure to add the required DD cards to take in account your MIRROR files.
//SECMIRR DD DISP=SHR,DSN=&HLSEC..SECFILE.MIRROR
//VSAMIRR DD DISP=SHR,DSN=&HLSEC..VSAMFILE.MIRROR
- Modify your CA Top Secret parameter file to set the new CA Top Secret control option MIRROR to ON.
- Recycle your CA Top Secret address space.
P TSS in temporary and restart it.
Note: ",,,REINIT" must be specified on the start.
- The first time you start mirroring, you will receive the following CA Top Secret messages:
TSS9237I SECMIRR out of sync with SECFILE TSS9242I Mirror Synchronization Started TSS9243I Mirror Synchronization Ended TSS9240I Security file mirroring is active On the next CA Top Secret restart, you will receive only: TSS9107I VSAMFILE Successfully Opened TSS9240I Security file mirroring is active Here it an excerpt of the TSS MODI output to show the new TSS control option. TSS9660I VERSION=15.0 KO TSS9661I CA Top Secret BASE Status AUTH(OVERRIDE,ALLOVER) ADMINBY(YES) CACHE(ON) Audit File(010%) Recovery File(000%) Security File(092%) Vsam File(OPEN) MIRROR(ON) Id=PRIMARY SHRFILE(NO) RCACHE(NO
Also, please read the entire comment with RO68239, it will give some additional tips.