ZDT/Db2 options specified in HFM2PARM

This section describes the ZDT/Db2 options specified in parmlib member HFM2PARM. You can modify these ZDT/Db2 options to suit your requirements.

The HFM2PARM member provides a secure location for sensitive ZDT/Db2 parameters used to control, for example, audit logging. ZDT/Db2 uses system macros to locate this member in the current logical parmlib concatenation, making it difficult to over-ride or bypass the contents, which can occur when using the HFM2POPT module. When used to specify SAF- rule controlled audit logging, particularly to SMF, a high level of integrity over the auditing process is possible. The HFM2PARM member can also be used to force the use of a particular version of the HFM2POPT module, by specifying a specific data set from which the module should be loaded. This can be used to prevent a knowledgeable user creating a private version of the HFM2POPT module and loading it from a data set allocated to their TSO session, thereby bypassing installation-specified parameters.

This section includes the description of the options that can be specified in the HFM2PARM member, followed by a description of the facilities that can be used to customize the HFM2PARM member. Customization is entirely optional, but might be necessary, for example, in a sysplex environment where not all z/OS® images have the same auditing requirements. It is also possible to specify different auditing options for different users using HFM2PARM statements; these changes can be made directly to the HFM2PARM member. When changes are made to the HFM2PARM member, no IPL is required and the changes become active the next time the user starts ZDT/Db2.