When an ABACKUP or ARECOVER command is issued, DFSMShsm passes the RACF® FACILITY class profile name for the command, along with the user’s or console operator’s user ID, to RACF for authorization checking. If authorization is denied by RACF, DFSMShsm rejects the request to issue the command. If RACF responds that no profile is defined for the command, DFSMShsm processes the request only if the user is a DFSMShsm-authorized user or a console operator. If the user is not a DFSMShsm-authorized user, DFSMShsm fails the request to issue the command. See Checking authorization during aggregate backup for a discussion of comprehensive and restricted ABACKUP and ARECOVER commands.