Important Updates to Cybersecurity Software

HelpSystems is updating the names of our cybersecurity software, including the Powertech product line. Don’t worry—the functionality of your products won’t change.

See the new names here > New, Simpler Names for HelpSystems Security Software.

Step I – Installation of the Powertech products

To successfully install any Powertech products in a High Availability (HA) environment, the Powertech product must be installed on the HA system before the production system.

This is necessary because replication software could be setup with global settings to replicate non-library objects such as user profiles, authorization lists, IFS directories, etc.  Many of the Powertech products check for the existence of these objects (especially user profiles) prior to the installation and will not install if these objects already exist. 

Note: During the installation process, Authority Broker registers its exit program to its associated exit point – POWERLOCK_AB.  Without the exit program registration, Authority Broker profile switches will fail.

Step II – Authority Broker User Profiles & Authorization Lists

Authority Broker has two user profiles PLABADM and PLABOWN.

Authority Broker has these authorization lists: POWERABADM, POWERABDTA, POWERABFL, POWERABFO, POWERABPGM and POWERABRPT.

Note: If the user profiles or authorization lists exist, replication of these objects must be inactivated on the production system. Delete these user profiles and/or authorization lists on the HA system then install Authority Broker per the installation instructions.

Step III - Authority Broker Setup

After installing Authority Broker on your target (HA system) and source (production system), you will need to replicate certain files and authorization lists (including filters) to the HA system.

Note 1: User Profiles and their appropriate message queues setup in Authority Broker must either be replicated or created on the HA system before Authority Broker can be used on the HA system. User Profiles are used in the swap process and message queues are used in the Alert Method. Check the 'System User to Switch Profiles' settings for this information.

Note 2: Exit Programs, when using before or after exit programs in Authority Broker; these objects (ie - programs, files, etc) need to be replicated to the HA system. Use the Work with Product Exits Menu to see whether exit programs are used.

Note 3: All Event reporting will be from the date/time of the role swap on the HA system. Authority Broker uses the system’s QAUDJRN (IBM system journal). QAUDJRN cannot be replicated between systems. All Event reporting will be from the date/time of the role swap on the HA system.

Step IV – Use Object Synchronization Replication Software

Synchronization of the objects will need to be done on the individual object. Never use ‘Library Synchronization’ feature of the HA product as it will clear the product’s library and replicate just the objects that are defined to be replicated.

We have seen that Library Synchronization has caused issues that require the product to be uninstalled and reinstalled.

Step V – Authority Broker Journal – PWRJRN

The journal PWRJRN in PTABLIB is used to capture changes to Authority Broker setup and configuration. Powertech recommends using this journal to replicate the changes between the production and HA system. This may require special setup with the replication software, an example would be that a separate ‘Data Group’ would be required in a product such as Mimix.

Step VI - Authority Broker Authorization Lists to Replicate

Add ‘Include’ filters for the authorization lists listed below:

Library OBJECT TYPE
QSYS POWERABADM *AUTL
QSYS POWERABDTA *AUTL
QSYS POWERABFL *AUTL
QSYS POWERABFO *AUTL
QSYS POWERABPGM *AUTL
QSYS POWERABRPT *AUTL

Step VII - Authority Broker Files to Replicate

Setup replication software to include the following files to be replicated to the HA system in order to provide the profile swap setup, alert methods, exit programs, firecall setup and other information.

Add an ‘Include’ filter for the files listed below:

Library OBJECT TYPE
PTABLIB PABEML *FILE
PTABLIB PABEXITG *FILE
PTABLIB PABEXITSP *FILE
PTABLIB PABINPARTY *FILE
PTABLIB PAMALERT *FILE
PTABLIB PAMDOW *FILE
PTABLIB PAMDOWD *FILE
PTABLIB PAMDOWO *FILE
PTABLIB PAMEXCL *FILE
PTABLIB PAMFCCTL *FILE
PTABLIB PAMFCOVR *FILE
PTABLIB PAMGRC *FILE
PTABLIB PAMGRO *FILE
PTABLIB PAMHDR *FILE
PTABLIB PAMIP *FILE
PTABLIB PAMIPEM *FILE
PTABLIB PAMIPRPT *FILE
PTABLIB PAMSYS *FILE
PTABLIB PAMTMSW *FILE

Note 1: The files PAMSWPHDR, PAMSWPLOG and PABWSD are the swap history and screen capture files. These files have been removed from the inclusion list because we have observed that replication software can have locks on these files on the HA system when Authority Broker is a ‘Live’ active product. These files may be replicated if, and only if, Authority Broker will be used only on the HA system after the role swap.

Note 2: The files PAMSWPHDR, PAMSWPLOG and PABWSD have trigger programs. Caution must be taken whenever this object is restored on a system or used in a HA environment. After these files have been restored or replicated, please verify that their triggers are correct.

Step VIII – License Objects

Authority Broker version 4 has the ability to enter multiple licenses (press F7 – License List on License Setup screen). This allows you to enter the HA system’s license before the role swap so that you are not required to contact Powertech technical support for an emergency (temporary) key.

In the event that you are using multiple licenses, you will need to setup the following objects for replication. 

Library OBJECT TYPE
PTABLIB PAB9800U *USRSPC

Note: If you enter only the license for the product system, and have not added the license for the HA system, do not replicate this object. It may cause the license on the HA system to be invalid and you will need to contact  keys@helpsystems.com to request a new license key.


Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: October 15, 2018