Specifying the CICS region userid

When you start a CICS® region (either as a job or as a started task) in an MVS™ environment that has RACF® installed, the job or task is associated with a userid, referred to as the CICS region userid. The authority associated with this userid determines which RACF-protected resources the CICS region can access.

Each CICS region, for either production or test use, should be subject to normal RACF data set protection based on the region userid under which the CICS region executes. You specify the region userid under which CICS executes in one of three ways:

As a started task: As a started job:
As a job:

To ensure the authorizations for different CICS regions are properly differentiated, run each with a unique region userid. For example, the userid under which you run the production CICS regions to process payroll and personnel applications should be the only CICS userid authorized to access production payroll and personnel data sets.

If you are using intercommunication, it is particularly important to use unique userids, unless you want to bypass link security checking. For more information, see Link security with LU6.2, Link security with LU6.1, or Link security with MRO, depending on the environment you are using.