About Securing an Enterprise Server Installation

You use the Enterprise Server security facility to implement user authentication, and to control access to the applications and resources that a system uses.

You control access to Enterprise Server administrative features, MSS applications and application resources through the use of security managers, sometimes referred to as external security managers (ESMs). Through the use of these security managers, you can implement measures such as verifying users against the operating system configuration or incorporating an LDAP repository into your Enterprise Server security.

Securing an installation involves securing access to the following system components:

Note: It is possible to apply different security configurations to the Directory Server and the Enterprise Servers. This can, however, cause problems during operation. For example, an administrator can have MFDS access permissions to configure a resource, but if the enterprise server does not have access permissions to use the resource, it cannot be used during operation. The safest thing to do is to apply the same security configuration to the Directory Server and the Enterprise Servers it controls.

User ID and password constraints

Enterprise Server emulates the mainframe operating system on Microsoft Windows, UNIX and Linux operating system platforms. Mainframe user authentication constraints and technical limitations are therefore emulated through the Enterprise Server External Security Facility (ESF) Manager to ensure mainframe compatibility.

These constraints and technical limitations apply to many components of Enterprise Server including:
  • CICS
  • Job Entry Subsystem (JES)
  • Micro Focus Directory Server (MFDS)
  • IMS

To avoid issues with user signon and similar functions, avoid attempting to create user IDs or passwords that do not meet these requirements.