
7.1.2 LOGON Procedures
In ICCF, a logon procedure may be specified in the user profile. This entry
references an ICCF procedure or macro used to define the environment for this
logon. These optional procedures or macros are normally defined by the user if
they are present.
In TSO/E, the LOGON procedure is not optional. The LOGON procedure defines
the system resources available to a terminal user and defines or allows for
dynamic allocation of all data sets used by a terminal user. LOGON cataloged
procedures must reside in the data set defined in the procedure used to start the
primary job entry subsystem, JES2 or JES3. This data set may be either
SYS1.PROCLIB or a partitioned data set dedicated to LOGON procedures.
You may specify a users default logon procedure (for the users first logon) in
the users TSO segment using the PROC keyword. You may authorize or restrict
usage of logon procedures using RACFs TSOPROC resource class. Again, see
TSO/E Customization
RACF Security Administrator
s Guide
when you need
more details.
7.1.3 Message Facilities
The ICCF member A$MAIL normally resides in the ICCF common library of
DTSFILE and is used to broadcast messages to all ICCF users. The ICCF
command /MAIL is issued by an ICCF user to view any messages that have been
stored in member A$MAIL. If messages are sent to an individual ICCF user by
using the /SEND command, they are stored in an ICCF member unique to the
receiver that is created automatically by ICCF. Both of these ICCF facilities are
For the TSO/E environment, a Broadcast Data Set, SYS1.BRODCAST, is required.
Normally, though, you will use the broadcast data set only to hold notices,
messages intended for display to all users at logon time such as a message of
the day or a system status message. For messages directed to individual users
(single-line mail) you will normally want to configure TSO/E to use a separate
data set for each user. You do this using operands on the SEND statement in
SYS1.PARMLIB(IKJTSO00). Smaller installations may wish to use
SYS1.BRODCAST for mail messages, too, and can configure this using the SEND
options in IKJTSO00 if they desire.
TSO/E users can choose to view mail and notices at logon time, or to suppress
such viewing by specifying NONOTICES and/or NOMAIL. They may also view
mail and notices whenever they desire using TSO/Es LISTBC command.
7.1.4 Security
ICCF provides facilities which protect ICCF libraries, ICCF library members, files,
and VSE library members against unauthorized access from interactive
partitions. The implementation of security in the ICCF environment is not related
to an overall DOS/VSE security implementation.
In the MVS TSO/E environment, security is an MVS system level requirement
and will normally be handled through RACF.
Both ICCF and TSO/E provide a first level of security in the requirement for
predefined user IDs before accessing the system. A password for the user ID is
required for access to the system.
Chapter 7. ICCF and TSO 157