This topic applies only on the z/OS operating system.

Creating a security domain

Perform this task to set up the operating system security prerequisites for a WebSphere Application Server for z/OS cell. This ensures that all servers in the cell are using the same operating system security definitions.

Before you begin

Install the WebSphere Application Server for z/OS product code and review the instructions for using the Customization Dialog. Have available a copy of the worksheet that you completed as part of Planning for security.

About this task

You must perform this task before configuring any application serving environment that uses the security domain. If a new WebSphere Application Server for z/OS cell or server on a z/OS system will use the exact same security domain definitions as an existing server or cell on the same z/OS system, you do not need to repeat this task.

You need to run the jobs generated as part of this task once per security database. If z/OS systems do not share a RACF or other security database, you are responsible for making sure identical security definitions are in place for all WebSphere Application Server for z/OS user IDs, groups, and profiles. See Preparing the security server (RACF) for more information.

Procedure

  1. Log on to TSO on the z/OS system on which you intend to configure the security domain. Use a user ID that has READ access to the WebSphere Application Server for z/OS product data sets.
  2. Start the Customization Dialog. See Starting the Customization Dialog for details.
  3. Choose the configuration data sets in which you will store your customization jobs and data. See Choosing configuration data sets for details.
  4. Set the customization variables according to the values recorded on your security domain worksheet. See Setting the customization variables: Security domain for details.
  5. Save the security domain customization variables in a data set that you will use in later customization steps. See Saving the security domain variables for details.
  6. Create the customization jobs and files, based on the customization variable values you entered. See Creating the customization jobs and files for details.
  7. Follow the generated customization instructions. See Following the generated customization instructions: Security domain for details, and a sample set of customization instructions.

Results

You have finished when you have successfully completed the steps in the generated instructions. The security domain is in place on the chosen z/OS system. If any z/OS systems that interoperate with or host your planned application serving environment do not share the security database you updated as part of this task, update the security databases of the other systems accordingly.
Note: In the case of SSL certificates, this might require transporting certificates created on the initially configured z/OS system to the other z/OS systems rather than creating new SSL certificates on each system.

What to do next

Proceed with the configuration of the application serving environments that use this security domain.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Aug 29, 2010 8:25:23 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-zos&topic=tins_zossecdom
File name: tins_zossecdom.html