Beginning with release 10.0, a basic security configuration is included with
Visual COBOL and
Enterprise Server and enabled as part of product installation. This configuration requires users
authenticate to
Enterprise Server, including
Enterprise Server Common Web Administration (ESCWA), and be
authorized to perform various actions.
The default security configuration is comprised of the following elements:
- The
VSAM ESM Module, which implements an External Security Manager (ESM) using a set of COBOL indexed files. The
VSAM ESM Module was introduced in release 9.0 as an Early Adopter Program (EAP) feature. It is now a regular feature of the Visual COBOL,
Enterprise Developer, and
Enterprise Server products.
- A set of security definitions (users, groups, and resource access rules) for the
VSAM ESM Module, based on the sample security configuration for LDAP which is also supplied with
Enterprise Server. These definitions are supplied with the product as a YAML file, and during installation are used to create a set of security-data
files for the
VSAM ESM Module in a standard location.
- An External Security Facility (ESF) Security Manager definition in ESCWA which uses the
VSAM ESM Module and the supplied default security data. On installation,
ESCWA is configured to use this Security Manager.
- A similar ESF Security Manager definition in MFDS. The MFDS Default ES Security is set to use this definition, and MFDS itself
is set to use Default ES Security as its security configuration.
- Credentials for the administration user account
SYSAD and a limited-access account
readonly in the default
Micro Focus Secrets Vault. Passwords for these two accounts are created at installation, so they are different for each product installation. See
Getting Started with Default Enterprise Server Security for instructions on retrieving these credentials.
- Utilities for disabling and recreating the default security configuration.
For product reinstallations or upgrades, if security data already exists, default security will not be enabled. Your existing
security definitions will be preserved.
Note: Micro Focus recommends backing up security and other configuration data before reinstalling or upgrading.