How to Log On and Session Basics

Logging on to TSO (Time Sharing Option) is the first step in accessing IBM mainframe systems. Understanding the logon process, userids, profiles, and session management is essential for anyone working with mainframes. This tutorial covers everything you need to know about TSO logon, from initial connection through session management, providing a solid foundation for mainframe interaction.

Understanding TSO Logon

TSO logon is the process of establishing an interactive session with a z/OS mainframe system. Unlike batch jobs that run without user interaction, TSO logon creates an interactive session where you can enter commands, edit files, and perform operations in real-time. The logon process involves authentication, session initialization, and environment setup.

TSO logon requires several components to work together: a terminal emulator on your computer, network connectivity to the mainframe, a valid userid and password, and proper system configuration. Understanding each component helps you troubleshoot logon issues and use TSO effectively.

Prerequisites for TSO Logon

Before you can log on to TSO, you need several things in place:

• Terminal Emulator: You need terminal emulator software installed on your computer. Common terminal emulators include TN3270 emulators (like IBM Personal Communications, Mocha TN3270, or x3270), which emulate the 3270 terminal protocol used by IBM mainframes. The emulator connects to the mainframe over a network and displays the mainframe interface on your screen.
• Network Access: You need network connectivity to the mainframe system. This typically involves connecting to a specific hostname or IP address and port number. Your organization's system administrator will provide connection details including the mainframe address, port (commonly 23 for telnet or 992 for secure telnet), and any required VPN or network configuration.
• Userid and Password: You need a valid TSO userid and password assigned by your system administrator. The userid identifies you to the system, and the password authenticates your identity. Userids are typically assigned when your account is created and follow organizational naming conventions.
• System Access: Your userid must be authorized to use TSO. System administrators configure which users can access TSO through security systems like RACF, ACF2, or TopSecret. Without proper authorization, logon will fail even with correct credentials.

The TSO Logon Process

The TSO logon process follows a specific sequence of steps. Understanding this sequence helps you know what to expect and troubleshoot any issues that arise.

Step 1: Connect to the Mainframe

The first step is establishing a connection from your terminal emulator to the mainframe. You configure your terminal emulator with the mainframe's hostname or IP address and the appropriate port number. When you initiate the connection, the emulator establishes a network session with the mainframe.

Upon connection, you'll typically see a logon screen. The exact appearance depends on your mainframe configuration, but it usually displays system identification information and prompts for your userid. Some systems may show welcome messages, system names, or other information before the logon prompt.

Step 2: Enter Your Userid

At the logon screen, you'll see a prompt asking for your userid (sometimes labeled as "Userid:", "User ID:", or simply showing a cursor). Enter your TSO userid and press Enter. The userid is case-insensitive in most systems, meaning you can type it in uppercase, lowercase, or mixed case.

After entering your userid, the system validates that the userid exists and is authorized for TSO access. If the userid is invalid or not authorized, you'll receive an error message and may need to contact your system administrator.

Step 3: Enter Your Password

After entering a valid userid, the system prompts for your password. For security reasons, passwords are not displayed as you type them—you'll see asterisks, dots, or nothing at all. Type your password carefully and press Enter.

The system authenticates your password against the security database (RACF, ACF2, or TopSecret). If the password is incorrect, you'll receive an error message. Most systems limit the number of incorrect password attempts before locking your account for security reasons.

Step 4: Session Initialization

After successful authentication, TSO initializes your session. This process includes:

• Loading Your Profile: TSO looks for your profile dataset (typically named USERID.PROFILE or similar) and loads your personal settings and preferences. If no profile exists, TSO uses system defaults.
• Allocating Session Resources: TSO allocates system resources for your session, including memory, dataset access, and terminal I/O buffers.
• Setting Environment Variables: TSO sets up environment variables based on your profile and system defaults. These variables control behavior like default dataset prefixes, terminal characteristics, and command processing options.
• Displaying the READY Prompt: Once initialization is complete, TSO displays the "READY" prompt, indicating that your session is active and ready to accept commands.

The READY prompt is your indication that logon was successful and you can begin using TSO.

Understanding TSO Userids

A TSO userid is a unique identifier that identifies you to the mainframe system. Userids are fundamental to mainframe operations, appearing in dataset names, job output, system messages, and security records.

Userid Characteristics

TSO userids have specific characteristics and rules:

• Length: Userids are typically 1 to 7 characters long. The maximum length is 7 characters, though some organizations may have shorter maximums. Very short userids (1-2 characters) are often reserved for system use.
• Characters: Userids can contain letters (A-Z), numbers (0-9), and certain special characters. The first character must be a letter (A-Z) or a national character (@, #, $). Common special characters allowed include @, #, and $, though specific rules vary by organization.
• Case Sensitivity: Userids are case-insensitive for logon purposes—you can type them in any case. However, userids are typically stored and displayed in uppercase. When you see your userid in dataset names or system messages, it will usually appear in uppercase.
• Uniqueness: Each userid must be unique within the system. No two users can have the same userid. System administrators assign userids following organizational naming conventions to ensure uniqueness and meaningful identification.

Userid Naming Conventions

Organizations typically establish naming conventions for userids to make them meaningful and manageable. Common conventions include:

• First Initial + Last Name: A userid might be the first letter of the first name followed by up to 6 letters of the last name. For example, "John Smith" might have userid "JSMITH".
• First Name + Last Initial: Some organizations use the first name (or part of it) followed by the last initial. For example, "John Smith" might have userid "JOHNS".
• Employee ID: Some organizations use employee identification numbers or codes as userids, especially in large organizations where name-based userids might conflict.
• Department Prefixes: Userids might include department or organizational prefixes. For example, "DEVJSMITH" for a developer named John Smith.
• Sequential Numbers: When name-based userids conflict, organizations may append numbers. For example, "JSMITH", "JSMITH2", "JSMITH3".

Your system administrator will assign your userid according to your organization's conventions. You typically cannot choose your own userid, though you may be able to request a specific format.

Userid Usage

Your userid appears in many places throughout the mainframe system:

• Dataset Names: When you create datasets, your userid often appears as the high-level qualifier (first part) of the dataset name. For example, if your userid is "JSMITH", your datasets might be named "JSMITH.SOURCE.COBOL" or "JSMITH.TEST.DATA".
• Job Output: When you submit batch jobs, your userid appears in job names, job output, and system messages. This helps identify which jobs belong to which user.
• Security Records: Your userid is used in security system records to track your access, permissions, and activities. Security systems like RACF use userids to manage authorization and audit access.
• System Messages: System messages and error messages often include your userid to identify who the message is for or which user's operation caused the message.
• Resource Identification: Your userid helps identify resources allocated to you, such as temporary datasets, spool files, and session resources.

TSO Profiles

A TSO profile is a dataset that stores your personal TSO settings and preferences. The profile is automatically loaded when you log on and customizes your TSO environment according to your preferences. Understanding profiles helps you personalize your mainframe experience and work more efficiently.

What is Stored in a Profile

TSO profiles contain various settings that control your session behavior:

• Default Dataset Prefix: The default high-level qualifier used when you specify dataset names without a fully qualified name. For example, if your prefix is "JSMITH", typing "SOURCE.COBOL" is interpreted as "JSMITH.SOURCE.COBOL".
• Terminal Characteristics: Settings that control how your terminal behaves, including screen size, character set, and display options. These settings ensure your terminal emulator works correctly with the mainframe.
• Command Aliases: Short names or abbreviations for commonly used commands. For example, you might define "E" as an alias for "EDIT", allowing you to type "E" instead of "EDIT".
• Session Parameters: Various parameters that control session behavior, such as message levels, command processing options, and resource limits.
• Environment Variables: Variables that control application behavior and provide default values for operations. These variables can be set in your profile and used by TSO commands and applications.

Profile Dataset Name

TSO profiles are stored in datasets with specific naming conventions. The most common profile dataset name is:

1
USERID.PROFILE

Where USERID is replaced with your actual userid. For example, if your userid is "JSMITH", your profile dataset would be "JSMITH.PROFILE".

Some systems may use variations like:

• USERID.PROFILE.EXEC (if stored as a CLIST)
• USERID.PROFILE.REXX (if stored as a REXX exec)
• System-specific naming conventions

Your system administrator can tell you the exact naming convention used in your environment.

Creating and Modifying Your Profile

If you don't have a profile, TSO uses system defaults. You can create a profile to customize your environment. Profiles are typically created using the TSO PROFILE command or by editing the profile dataset directly.

To view your current profile settings, you can use:

1
PROFILE LIST

This command displays your current profile settings. To modify settings, you can use the PROFILE command with specific parameters, or edit your profile dataset using ISPF Edit.

Common profile modifications include:

• Setting Default Prefix: Use "PROFILE PREFIX(USERID.DATA)" to set your default dataset prefix. This means when you type a dataset name without a fully qualified name, TSO automatically prefixes it with your specified prefix.
• Defining Command Aliases: Use "PROFILE ALIAS(aliasname command)" to create command aliases. For example, "PROFILE ALIAS(E EDIT)" creates an alias "E" for the "EDIT" command.
• Setting Terminal Characteristics: Use "PROFILE TERMINAL(characteristics)" to set terminal options. Terminal characteristics control screen size, character encoding, and display options.

Changes to your profile are typically saved automatically and take effect in your next session, or you can reload your profile in the current session.

Profile vs. ISPF Profile

It's important to distinguish between TSO profiles and ISPF profiles, as they serve different purposes:

• TSO Profile: Controls TSO-level settings like default dataset prefixes, command aliases, and terminal characteristics. The TSO profile is loaded when you log on to TSO, before you invoke ISPF.
• ISPF Profile: Controls ISPF-specific settings like editor preferences, function key assignments, color schemes, and ISPF menu customizations. The ISPF profile is loaded when you invoke ISPF and is separate from the TSO profile.

Both profiles work together to customize your mainframe environment. TSO profile settings affect your TSO session, while ISPF profile settings affect your ISPF interface.

TSO Session Management

Understanding how to manage your TSO session is important for efficient mainframe work. Session management includes knowing how to check your session status, manage resources, and properly end your session.

Session Status and Information

You can check information about your TSO session using various commands:

• WHO: Displays your userid and session information. Typing "WHO" shows your userid, terminal ID, and other session details.
• PROFILE LIST: Shows your current profile settings, as discussed earlier.
• LISTCAT: While primarily for listing catalog entries, it can show information about your allocated datasets, which gives insight into your session's resource usage.

These commands help you understand your current session state and troubleshoot issues.

Session Resources

Your TSO session uses various system resources:

• Memory: TSO allocates memory for your session to store variables, command history, and session data. Memory usage depends on your activities and the programs you run.
• Datasets: Your session may have datasets allocated (opened) for editing, browsing, or other operations. These allocations consume system resources.
• Terminal I/O: Your terminal connection uses network and system resources for input and output operations.
• Spool Space: If you submit batch jobs, output is stored in spool space associated with your userid.

Properly ending your session releases these resources for use by other users.

Ending Your Session

To properly end your TSO session, use the LOGOFF command:

1
LOGOFF

Type "LOGOFF" at the TSO READY prompt and press Enter. The system will:

• Close any open datasets and release allocations
• Save any pending changes (if applicable)
• Clean up session resources
• Terminate your connection
• Display a logoff message

If you're in ISPF when you want to log off, you need to exit ISPF first. Press PF3 (or F3) multiple times to exit ISPF and return to the TSO READY prompt, then type LOGOFF.

It's important to always use LOGOFF to end your session rather than just closing your terminal emulator. Using LOGOFF ensures proper cleanup of resources and prevents session timeouts or resource leaks.

Session Timeouts

TSO sessions may automatically timeout after a period of inactivity. If you don't interact with the system for a specified time (often 30 minutes to several hours, depending on system configuration), your session may be automatically terminated. This is a security and resource management feature.

If your session times out, you'll need to log on again. Some systems may display a warning message before timeout, giving you a chance to interact and reset the timeout timer.

Common Logon Issues and Solutions

Understanding common logon problems and their solutions helps you troubleshoot issues quickly:

Invalid Userid or Password

If you receive an "Invalid userid" or "Invalid password" error:

• Check Spelling: Verify you're typing your userid and password correctly. Userids and passwords are case-sensitive in some contexts, so check capitalization.
• Password Expiration: Your password may have expired. Contact your system administrator to reset it, or use password change procedures if available.
• Account Locked: After multiple incorrect password attempts, your account may be locked for security. Contact your system administrator to unlock it.
• Account Disabled: Your account may have been disabled. Contact your system administrator to verify your account status.

Connection Issues

If you can't connect to the mainframe:

• Network Connectivity: Verify your network connection and that you can reach the mainframe. Check firewall settings and VPN connections if required.
• Terminal Emulator Configuration: Verify your terminal emulator is configured with the correct hostname, IP address, and port number.
• Mainframe Availability: The mainframe system may be down for maintenance. Check with your system administrator or check system status pages if available.

Session Initialization Errors

If logon starts but fails during initialization:

• Profile Issues: Your profile dataset may be corrupted or have errors. Contact your system administrator to check your profile.
• Resource Limits: You may have reached resource limits (too many active sessions, dataset allocations, etc.). Close other sessions or contact your system administrator.
• System Resources: The system may be experiencing resource constraints. Try again later or contact your system administrator.

Best Practices for TSO Sessions

Following best practices helps ensure secure, efficient TSO sessions:

• Always Use LOGOFF: Always use the LOGOFF command to end your session rather than just closing your terminal. This ensures proper resource cleanup.
• Protect Your Password: Never share your password or write it down. Change your password regularly according to organizational policies.
• Secure Your Terminal: Don't leave your terminal unattended while logged on. Lock your workstation or log off if you'll be away.
• Customize Your Profile: Create and customize your TSO profile to improve productivity. Set useful defaults and aliases that match your work patterns.
• Monitor Resource Usage: Be aware of your session's resource usage. Don't allocate unnecessary datasets or leave unused resources allocated.
• Keep Sessions Active: If you need to keep a session active, periodically interact with it to prevent timeout. However, don't keep sessions open unnecessarily.

Explain Like I'm 5: TSO Logon

Imagine the mainframe is like a big building with a security guard at the front door:

• Your Userid is like your name badge. When you show up at the building, you tell the guard your name (your userid) so they know who you are.
• Your Password is like a secret code word. After you tell the guard your name, you whisper the secret code (your password) to prove you're really you and not someone pretending to be you.
• Logging On is like the guard checking your name and code word, then giving you a key card (starting your session) that lets you go into the building and use the rooms (run programs and edit files).
• Your Profile is like your preferences card that tells the building what you like—maybe you like Room 2 (your favorite dataset prefix) or you want the lights set a certain way (your terminal settings).
• LOGOFF is like returning your key card when you're done. You give it back to the guard (type LOGOFF) so someone else can use it, and the guard makes sure you didn't leave anything behind (cleans up your session).

So logging on is like getting permission to enter the building, and your userid and password are how you prove you're allowed to be there!

Practice Exercises

Complete these exercises to reinforce your understanding of TSO logon and session basics:

Exercise 1: Logon Process Documentation

Document the complete TSO logon process from your environment. Include screenshots or descriptions of each step: connection, userid entry, password entry, and the READY prompt. Note any system-specific messages or screens you encounter. This documentation will help you understand your specific environment and can serve as a reference.

Exercise 2: Profile Investigation

Use the PROFILE LIST command to examine your current TSO profile settings. Document each setting and explain what it does. If you don't have a profile, research what settings you might want to configure and create a plan for setting up your profile. Identify which settings would be most useful for your work.

Exercise 3: Userid Analysis

Analyze your userid according to the characteristics discussed in this tutorial. Determine its length, identify any special characters, and try to determine what naming convention was used. If possible, compare your userid with colleagues' userids to identify patterns in your organization's naming conventions.

Exercise 4: Session Management Practice

Practice proper session management: log on, check your session status using the WHO command, examine your profile, perform some basic operations, and then properly log off using LOGOFF. Time how long each step takes and document the process. This helps you become comfortable with session management.

Exercise 5: Troubleshooting Scenarios

Research and document solutions for common logon issues in your environment. Create a troubleshooting guide that addresses: invalid userid/password errors, connection problems, session initialization failures, and timeout issues. Include contact information for your system administrator and any help desk resources available in your organization.

Related Concepts