docmain.css" /> System Requirements and Prerequisites - Automated Sign-On for Mainframe Administrator Guide

System Requirements and Prerequisites

The following products and systems must be in place before installing or configuring Automated Sign-On for Mainframe.

  • Host Access Management and Security Server 12.4 SP1 or higher on the designated server. Management and Security Server provides the MSS Administrative Server and can be installed on any platform that runs a compatible version of Java.

    This version introduces the Administrative Console, and you can use an HTML login that does not require Java.

  • Micro Focus terminal emulation software on the client and administrator workstations. Automated Sign-On for Mainframe currently supports:

    • Reflection Desktop 16 or higher
    • Reflection 2014 R1 SP1
    • Reflection ZFE 2.0 or higher
    • Reflection for the Web 12.3 SP1 or higher (The version must be compatible with Management and Security Server. See the Reflection for the Web Release Notes.)
    • Rumba 9.4.1 or higher

  • z/OS with DCAS installed. (See Section 1.3 for guidance.)

  • TLS connection from the MSS Administrative Server to DCAS. The default is TLSv1.2.

    If the mainframe does not support -- or cannot be updated to -- TLSv1.2, add this MSS server setting to enable TLSv1 or TLSv1.1.

    1. In \MSSData\properties, open server.properties in a text editor.

    2. Add a line to enable the TLS protocol versions:

      server.asm.protocols=TLSv1, TLSv1.1, TLSv1.2

      NOTE:Syntax matters. Valid property values are TLSv1, TLSv1.1, and TLSv1.2.

      (TLSv1.0 does not work.)

      If the property is not specified or is empty, the default value is TLSv1.2.

    3. Save the file.

  • LDAP directory for user authorization.

NOTE: JCE Unlimited Strength Jurisdiction Policy Files are required on the MSS Administrative Server. If you encounter a warning, apply the policy files, as follows.

To apply the policy files:

  1. Download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from Oracle or IBM. Be sure to download the correct policy file updates for your version of Java:

    Java 8: Java SE Downloads

    IBM: Unrestricted SDK JCE policy files

  2. Uncompress and extract the downloaded file. The download includes a Readme.txt and two .jar files with the same names as the existing policy files.

  3. Locate the two existing policy files:

    local_policy.jar

    US_export_policy.jar

    On UNIX, look in <java-home>/lib/security

    On Windows, look in C:\Program Files\Java\jre<version>\lib\security

  4. Replace the existing policy files with the unlimited strength policy files you extracted.