Currently running DIRMAINT in a z/VM 6.3 SSI environment and we plan to convert to VMSECURE with Rules.
I cloned my sandbox cluster in 2nd level to test out the implementation and built the CP component of Rules into the CP nucleus.
After shutting down one of the members, we tried to IPL which failed with:
HCPPLM1663E SSI function JOIN has failed for service Security.
HCPPLM1697I The state of SSI system VMLNX4A has changed from JOINING to ISOLATED
HCPPLM1698I The mode of the SSI cluster is SAFE
There is mention in the VM:Secure Installation guide that in a Single System Image complex, the Access Control Interface exit routines
supplied as part of the Rules facility, must be installed in the CP nucleus on every member at the same time.