USERIDALIASTABLE

On most UNIX systems, you use lowercase IDs. With z/OS UNIX, typically you will use the uppercase user IDs and group names specified in your security database. In some cases, however, you might want to use lowercase or mixed case names in z/OS UNIX processing. Or perhaps certain names do not conform to your installation's naming conventions. You then need to create an alias table to associate lowercase or mixed case alias names with uppercase z/OS user ID and group names. Note that when lowercase or mixed case alias names are not found in the alias table, they are folded to uppercase.

Using the USERIDALIASTABLE statement degrades performance slightly. The more names that you define, the greater the performance degradation. Installations are encouraged to continue using uppercase-only user IDs and group names defined in their security databases.

Tip: The path name of the file should be /etc/tablename. This naming structure fits in with the IBM® strategy to place all customized data in the /etc directory. If a value for USERIDALIASTABLE is not specified, alias names are not used.

Formatting rules for the alias table:

You can include comment lines in the list. Each comment line must start with /* and end with */.
You must follow standard MVS™ user ID and group name naming conventions in the first column.
You must follow XPG4 standard naming conventions in the second column.
Do not enclose the names in quotation marks.
Each user ID or group name and associated alias name must be on a line by itself, with no comments.
The MVS user IDs and group names must be located in columns 1-8 and the associated aliases must be located on the same line in columns 10-17.
The MVS name and the alias name must be separated by 1 or more blanks.
The tags :user IDs and :groups must be used to delineate between user IDs and group names.
- If no tags are present in the file, then all names in the file are assumed to be user IDs.
- If there are any names listed before a tag, those names are considered to be user IDs.
- If a :userids tag is present, then all name lines following it and up to the next tag are considered to be user IDs.
- If a :groups tag is present, then all name lines following it and up to the next tag are considered to be group names.
- If specified, the tag must start in column 1.
- The tag names are not case-sensitive.

If the file does not follow these formatting rules, the alias name might not be recognized and various functions relating to the attempted use of the alias might fail.

The next example is a sample alias table for user IDs and group names.

/****************************************************************/
/*                                                               */
/*   Name: Sample user ID/group name alias table                 */
/*                                                               */
/*   Description:  Contains a list of MVS user IDs and their     */
/*                 associated alias names.                       */
/*                                                               */
/* Alias names can be constructed from uppercase and             */
/* lowercase alphabetic characters. Numbers from 0-9             */
/* can be used as well as the period, underscore, and            */
/* hyphen characters.  Do not use the hyphen as the first        */
/* character.                                                    */
/*                                                               */
/*****************************************************************/

/*****************************************************************/
/* Mixed case group names                                        */
/*****************************************************************/
 :Groups
 DEPTD10  DeptD10
 DEPTD20  DeptD20

/*****************************************************************/
/* Non-alphanumeric alias user IDs and group names               */
/*****************************************************************/
 :UserIDs
/*****************************************************************/
/* Mixed case alias names                                        */
/*****************************************************************/
 MYUSERID MyUserid

/*****************************************************************/
/* Easier to remember alias names                                */
/*****************************************************************/
 K61XDLBC Daniel

 JOEDOE   Joe_Doe
 MRDOE    Mr.Doe
 ABCD     A-B-C-D
 :groups
 DEVEL    OE-Dev
 TEST     OE_Test

For installation security reasons, you might have to use an alias table for user IDs. See Security requirements for ServerPac and CBPDO installation for more information.

Rule: You must protect the alias table for user IDs and group names. Only users with superuser authority should be given update access to it. All users should be given read access to the file.

Once a user is logged into the system, changing the alias table does not change the alias name immediately. Database queries, however, will yield the new alias if the user ID performing the query has read or execute access to the alias table. The table is checked every 15 minutes and refreshed if it has been changed. If a change needs to be activated sooner, you can use the following command:

SETOMVS USERIDALIASTABLE='/etc/tablename'

where /etc/tablename is the name of the alias table used for the user IDs.