Activating the CICS classes

To activate the CICS resource class for use in security checking by the CICS region, use the RACF SETROPTS command. As soon as the CICS resource class is defined in the active RACF class descriptor table, administrators can define general resource profiles to the class. For more information, see the descriptions of RDEFINE and PERMIT in RACF general resource profiles. Note that the class must be activated before the CICS system can use the profiles that the administrators define.

The format of the SETROPTS command is SETROPTS CLASSACT(classname). For example:
SETROPTS CLASSACT(TCICSTRN)

All sets of RACF general resource classes that have the same POSIT number in their CDT definitions are activated and deactivated together. Therefore, you need only specify one IBM®-supplied CICS class to activate all the IBM-supplied CICS-related classes. If you define your own installation-defined classes with the same POSIT number as the IBM-supplied classes, they are activated and deactivated with the IBM-supplied classes. To provide separate controls for sets of installation-defined classes, define them with different POSIT numbers. (For more information on the POSIT number, see the z/OS Security Server RACF Macros and Interfaces manual.)