Skip Headers
Oracle® Identity Manager Connector Guide for IBM RACF Advanced
Release 9.0.4

E10451-21
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

D Relationship between the Pioneer (DDs), Voyager (DDs) and the INDDs

Table D-1 shows the relationship between the Pioneer (DDs) and the INDDs in CREATDSN member. Table D-2 shows the relationship between the Voyager (DDs) and the INDDs in CREATDSN. The BLKSIZE parameter on the DCBs for RECFM=FB files below can be specified as BLKSIZE=0 and let the Operating decide the best blocksize for the device they are allocated on. The only DDname this cannot be done is Voyager's CACHESAV file. They LRECL and BLKSIZE must be very specific for the encryption routines used on Voyager. The BLKSIZE for CACHESAV must not be changed.

In this illustration we are using "Pioneer" as the High-Level Qualifier. This is only an Illustration.

Table D-1 Relationship between the Pioneer (DDs) and the INDDs in CREATDSN Member

Pioneer DD: CREATDSN DD:

RECONOUT

//INDD1 DD DSN=PIONEER.RECON.FILE,// DCB=(DSORG=PS,RECFM=FB,LRECL=90,=BLKSIZE=27000,// UNIT=SYSDA,SPACE=(CYL,50),DISP=(NEW,CATLG),// VOL=SER=XXXXXX

LISTINR

//INDD2 DD DSN=PIONEER.ALIAS.LSTOUT,// DCB=(DSORG=PS,RECFM=VBA,LRECL=133,BLKSIZE=26300),// UNIT=SYSDA,SPACE=(CYL,5),DISP=(NEW,CATLG),// VOL=SER=XXXXXX

PARMFLE

//INDD4 DD DSN=PIONEER.CONTROL.FILE

// DCB=(DSORG=PS,RECFM=F,LRECL=80,BLKSIZE=80),

// UNIT=SYSDA,SPACE=(TRK,5),DISP=(NEW,CATLG),

// VOL=SER=XXXXXX

SYSTSPRT

//INDD5 DD DSN=PIONEER.REXXOUT.FILE,

// DCB=(DSORG=PS,RECFM=FB,LRECL=121,BLKSIZE=27951),

// UNIT=SYSDA,SPACE=(CYL,80),DISP=(NEW,CATLG),

// VOL=SER=XXXXXX

SYSEXEC

//INDD6 DD DSN=PIONEER.REXX.CLISTS,

// DCB=(DSORG=PO,RECFM=FB,LRECL=80,BLKSIZE=0),

// UNIT=SYSDA,SPACE=(CYL,(5,5,1)),DISP=(NEW,CATLG),

// VOL=SER=XXXXXX

FULLIMPU

//INDD7 DD DSN=PIONEER.IMPORTU.FILE

// DCB=(DSORG=PS,RECFM=FB,LRECL=121,BLKSIZE=27951),

// UNIT=SYSDA,SPACE=(CYL,100),DISP=(NEW,CATLG),

// VOL=SER=XXXXXX

FULLIMPG

//INDD8 DD DSN=PIONEER.IMPORTG.FILE

// DCB=(DSORG=PS,RECFM=FB,LRECL=121,BLKSIZE=27951),

// UNIT=SYSDA,SPACE=(CYL,100),DISP=(NEW,CATLG),

// VOL=SER=XXXXXX


In this illustration we are using "Voyager" as the High-Level Qualifier. This is only an Illustration.

Table D-2 Relationship between the Voyager (DDs) and the INDDs in CREATDSN Member

Voyager DD: CREATDSN DD:

CACHESAV

//INDD7 DD DSN=VOYAGER.CACHESAV.FILE,

// DCB=(DSORG=PS,RECFM=FB,LRECL=112,BLKSIZE=27888),

// UNIT=SYSDA,SPACE=(CYL,10),DISP=(NEW,CATLG),

// VOL=SER=??????

PARMFLE

//INDD9 DD DSN=VOYAGER.CONTROL.FILE,

// DCB=(DSORG=PS,RECFM=F,LRECL=80,BLKSIZE=80),

// UNIT=SYSDA,SPACE=(TRK,1),DISP=(NEW,CATLG),

// VOL=SER=??????

NOTES:

Change vol=ser to the location of the datasets.


The Table D-3 describes the purpose of the Pioneer (DDs) and the files that were loaded by CREATDSN.

Table D-3 Purpose of the Pioneer (DDs)

Pioneer (DD): Purpose: Size Requirement:

RECONOUT

Output file for Internal Rexx clist Searches. LDAP request the Searches and Pioneer executes the request and when completed. The file is read by Pioneer and sends back to the LDAP.

The record size is 90 bytes will contain for a UserID extract, 9 RACF userIDs per record. Size of file depends on the number of RACF userIDs contained in the RACF database.

This file is also used for RACF group extracts, 9 RACF groups names per 90 byte record and the size formula is the same as above.

LISTINR

Output file of the internally called IDCAMS process. The output file is read and parsed by Pioneer and send back to the LDAP.

No size requirements. The size initially allocated via the CREATDSN member will be fine for any IDCAMS process.

JCLOUTP

Output display of Post-processing JCL build only.

 

AUDTLOG

Outputs to SYSOUT for Auditing. The control file parameter of AUDIT_LOG= must be YES.

 

SYSPUNCH

Used for POST processing only.

 

SYSTSPRT

Output REXX sequential file populated by various internally called REXX clists/programs for SEARCHES. Outputs of RACF userID, group, dataset and facilities extracts.

LRECL=121, 1 RACF userID or group or dataset or facility per 121 byte record.

FULLIMPU

Output of user process for full import process. This file is the output of the extract process. The process is a RACF userID extract only.

LRECL=121, size depends on how many RACF segments there are per userID.

FULLIMPG

Output of user process for full import process. This file is the output of the extract process. The process is a RACF group extract only.

LRECL=121, size depends on how many RACF segments there are per group.


D.1 LISTINR and IDCAMS

IBM's IDCAMS utility is used to create/delete/print VSAM datasets and ALIASes. It requires two files (SYSIN) which is the control records and (SYSPRINT) which is the output of the execution.

The function works as follows:

  1. LDAP sends a message with the DEFINE or DELETE records in the message with a MCRUD-COMMAND = ALIAS.

  2. Pioneer validates the MCRUD-COMMAND.

  3. Pioneer then splits the message into parts based on the "|'"send inside the message

  4. These individual parts are each records written to the ddname - IDCAMSD.

  5. After the write is successful, we call IDCAMS pass IDCAMSD ddname as SYSIN and LISTINR as SYSPRINT.

  6. IDCAMS execution inside the Pioneer address spaces occurs. Output is to LISTINR

  7. Pioneer reads the LISTINR and checks the Return Code of the executed commands and routes it back to the LDAP via a write-socket.

  8. Both IDCAMSD and LISTINR are then cleared.