Unique UIDs and GIDs can be generated on demand for users and groups that do not have OMVS segments defined. RACF® saves the generated UIDs and GIDs in new OMVS segments created for user and group profiles in the RACF database. For more information about , see z/OS Security Server RACF Security Administrator's Guide.

Automatic UID and GID generation is enabled when the BPX.UNIQUE.USER profile is defined in the FACILITY class. An optional model user (USER00) can be specified by the APPLDATA field for BPX.UNIQUE.USER. The OMVS segment from the model user is used to initialize new OMVS segments for the user profile; this includes all attributes (HOME, PROGRAM and user limits) except the UID.

The BPX.NEXT.USER profile in the FACILITY class is used by RACF to derive unused UID and GID values. The FACILITY class does not have to be active for RACF to use BPX.NEXT.USER. When creating the BPX.NEXT.USER profile, generic characters cannot be used in the name. The APPLDATA field for BPX.NEXT.USER can specify either a starting UID or GID value or range of values for generating unique UIDs and GIDs. After RACF determines the next unique UID, the UID is saved in the newly created OMVS segment for the user profile. Similar processing is done when a starting GID or range of values is specified; if the group associated does not have a GID, the GID is saved in a newly created OMVS segment for the group profile.

Figure 1 illustrates how the unique UID assignment process derives the UID and GID values from the BPX.NEXT.USER profile and saves the values in the OMVS segment for the user profile (MYUSER) and the OMVS segment for the group profile (MYGROUP). The figure also shows how a user profile indicated in the BPX.UNIQUE.USER profile can be the source of other OMVS information copied to the user profile (MYUSER).

Figure 1. How unique UIDs and GIDs are assigned

For the requirements to enable automatic UID and GID assignment, see the section on enabling the automatic assignment of UNIX identities in z/OS Security Server RACF Security Administrator's Guide.

You can specify the RACF string &racuid as a placeholder for the user ID in the home directory path name. When RACF creates the OMVS segment, it will substitute the user ID for which the OMVS segment is being created. When automount is implemented, a user file system will be is allocated, mounted, and assigned the user ID as its owner. For more information about specifying &racuid and considerations for sharing the RACF database, see the topic on automatic assignment in z/OS Security Server RACF Security Administrator's Guide.