Manualshelf

TS/MP 2.5 Release Supplement

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
11121314151617181920
NOTE: The ACS core processes are:
Domain Coordinator Process ($ZACS)
Process Broker Process ($ZPnn)
Configuration Subscriber Process ($ZCSnn)
Redirector (ROUT) Process ($ZLnn)
NOTE: In TS/MP 2.5, the PB process performs the link acquisition, and the ROUT process
performs the link management. Therefore, from the PATHMON perspective, the PB process is the
link manager.
ACS Subsystem Product Module (ACSPM)
The ACS subsystem product module provides a part of the ACS subsystem interface to the Subsystem
Control Facility (SCF), as shown in Figure 5 (page 63). The program file for the ACSPM is
$SYSTEM.SYSTEM.ZACLSCF.
ACS Domains
An ACS domain is a defined set of objects (resources), which are controlled and managed as a
unit by the ACS subsystem and spanned across multiple NonStop systems.
The ACS subsystem and its resources are managed and controlled using the SCF, as shown in
Figure 5 (page 63). You can use SCF commands to manage the ACS subsystem configuration.
For more information on SCF and SCF commands, see “SCF Command Reference for the ACS
Subsystem” (page 62).
Security
This subsection includes the following topics:
ACS Subsystem-specific Security Features” (page 15)
“Sensitive and Non-Sensitive SCF Commands” (page 16)
ACS Subsystem-specific Security Features
The ACS subsystem provides the following security features:
Client access authentication to server processes:
NOTE: Client authentication is only performed for Pathsend servers.
The ACS subsystem provides access authentication for each request. When a request is
submitted to a server process, the redirector process authenticates the client ID by verifying
the ID against the security attribute for the server class and forwards the authenticated requests
to the server process.
Environment configuration and operation method authentication:
The PATHCOM SECURITY and OWNER attributes provide basic access protection for server
classes. These attributes determine which operations you can perform on an object within the
application environment. For example, you can perform an operation on a server class or
sending information to the process associated with a server class.
NOTE: The SECURITY attribute is enforced only for Pathsend requestors; security for SCOBOL
requestors is enforced differently. Therefore, you cannot use shared servers that process both
Pathsend and SCOBOL requestors in a common security model.
ACS Domains 15