There are a number of post-installation configurations that you can make to ensure that Reflection ZFE runs successfully.
The default timeout value for an inactive Reflection ZFE session is 30 minutes. This means that a session that was not logged out and has had no activity will close after 30 minutes. You can configure this setting on the server.
Open <install directory>/sessionserver/microservices/zfe/service.yml.
Adjust the session timeout value in the env section of the file:
- name: server.servlet.session.timeout
value: <desired-time-in-seconds>
- name: server.servlet.session.cookie.max-age
value: <desired-time-in-seconds>
HINT:The indentation formatting is important.
Restart the server.
The Management and Security Server provides a Terminal ID Manager to pool terminal IDs, track ID usage, and manage inactivity timeout values for specific users, thus conserving terminal ID resources and significantly reducing operating expenses.
The Terminal ID Manager Add-On requires a separate license.
Before you configure the Terminal ID Manager for Reflection ZFE, verify that you have this option enabled for MSS. There are complete instructions in the MSS Installation Guide.
HINT:If MSS and Reflection ZFE are installed on the same machine and using port 80, no additional configuration is needed.
Configuring Terminal ID Manager for Reflection ZFE
To configure the Terminal ID Manager for Reflection ZFE, you must provide the correct address to the Terminal ID Manager.
Open the sessionserver/conf/container.properties file.
Update id.manager.server.url=http://localhost:80/tidm to reflect the address of the Terminal ID Manager configured in Management and Security Server.
Restart the Reflection ZFE Session Server.
The Management and Security Server provides metering capabilities to monitor Reflection ZFE host sessions.
Before you configure metering for Reflection ZFE, verify that you have metering enabled for MSS. There are complete instructions in the MSS Installation Guide.
In Reflection ZFE metering is set globally for all emulation sessions created by the Reflection ZFE session server. Settings are configured in the sessionserver/conf/container.properties file.
Table 3-1 Metering options
|
Property |
Description |
|---|---|
|
metering.enabled |
Turns metering on or off, with a value of "true" or "false". Any value other than "true" turns metering off. |
|
metering.host.required |
Determines whether the session can connect to the host even if the metering server cannot be contacted. "True" means that session connections will fail if the metering host is unavailable. "False" means that session connections will still work even if the metering host is unavailable. |
|
metering.server.url |
Specifies the name or address of the metering server, the port, the protocol, and the webapp context. The syntax is "host:port|protocol|context". This syntax is the same as that used by the MSS server in the MssData/serverconfig.props file to register metering servers. The host:port section of the URL must escape the “:” character. For example, test990.attachmate.com\:8080. |
#Example additions to sessionserver/conf/container.properties metering.enabled=true metering.host.required=false metering.server.url=10.10.11.55\:80|http|meter
NOTE:In the event that all licenses are in use and you attempt to make a connection, the session will be disconnected. To determine whether the host has disconnected or the metering service has stopped the connection, see the Reflection ZFE/sessionserver/logs/server.log file.
All server components are installed as services and can be configured to start during installation.
If you are running on Linux platforms, follow these steps to set the session server to start automatically when your system first boots up.
Create a file called zfe containing the following and using your installation directory:
#!/bin/sh # #This script manages the service needed to run the session server #chkconfig:235 19 08 #description:Manage the Reflection ZFE session server ###BEGIN INIT INFO # Provides: zfe # Required-Start: $all # Required-Stop: $all # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Description: Start the Reflection ZFE Session Server ### END INIT INFO INSTALL_DIR=<enter installation directory> BIN_DIR=$INSTALL_DIR/sessionserver/bin case "$1" in start) echo "Starting Reflection ZFE Session Server" $BIN_DIR/server start RETVAL=0 ;; stop) echo "Stopping Reflection ZFE Session Server" $BIN_DIR/server stop RETVAL=0 ;; status) echo "Current Reflection ZFE Session Server status" $BIN_DIR/server status RETVAL=0 ;; restart) echo "Restart Reflection ZFE Session Server" $BIN_DIR/server restart RETVAL=0 ;; *) echo "Usage: $0 (start|stop|status|restart)" RETVAL=1 ;; esac exit $RETVAL
Then complete the relevant steps.
|
Platform |
Follow these steps |
|---|---|
|
Linux |
|
Both the Reflection ZFE session server and MSS ports can be modified depending on your network needs. See Ports used by Reflection ZFE.
The default ports used by Reflection ZFE are:
Table 3-2 Reflection ZFE and MSS Default Ports
|
Session server |
|
|
Management and Security Server |
|
To change the default ports:
Table 3-3 Changing default ports
|
Component |
Instructions |
|---|---|
|
Reflection ZFE session server |
There are three ports you can modify:
|
|
Management and Security Server |
The SSL port MSS uses to make an HTTPS connection is set to 443 by default. If you need to change the port number, start the Management Server. This creates the default PropertyDS.xml file. Then, open PropertyDS.xml in the MssData directory. Change the value from 443 to the appropriate port number in the section below, and then restart the Management Server. <CORE_PROPERTY NAME="sslport"> <STRING>443</STRING> |
Automated Sign-On for Mainframe is an add-on product to Management and Security Server that enables an end user to authenticate to a terminal emulation client and be automatically logged on to a host application on the z/OS mainframe.
The Management and Security Server Administrator Guide for Automated Sign-On for Mainframe has complete information on configuring this option.
Install and configure the Automated Sign-On for Mainframe add-on for Management and Security Server. You can find complete instructions here.
After the Management and Security Server setup is complete, open the Administrative Console to add sessions and map users to those sessions. During that process, you can complete the additional configuration needed to implement automated sign-on.
A Reflection ZFE macro sends the user’s mainframe username and pass ticket to the host application. The user is then automatically logged in. To help create the macro:
The Macro API contains the AutoSignon object that provides the methods needed to create a Reflection ZFE login to use with the Automated Sign-On for Mainframe feature.
You can also reference the sample macro Automatic Sign-On Macro for Mainframes that uses the AutoSignon object to create a macro that uses the credentials associated with a user to obtain a pass ticket from the Digital Certificate Access Server (DCAS).