z/OS UNIX System Services Planning
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Activating supplemental groups

z/OS UNIX System Services Planning
GA32-0884-00

When RACF® list-of-groups checking is active, a user can access z/OS UNIX resources if they are available to members of any group the user is connected to and if the group has a GID in its RACF group profile. The additional groups are called supplemental groups. To activate the RACF list-of-groups checking, specify the GRPLIST option on the RACF SETROPTS command.

Restrictions: Note these restrictions:
  • The maximum number of supplemental groups that can be associated with a process is 300.
  • NFS Client only uses the first 16 groups as supplemental groups when communicating with a remote NFS server.
  • A user can be connected to more than 300 groups, but only the first 300 group IDs are identified as the user's supplemental groups. When you issue a LISTUSER command, these are shown as associated with a user's process. It is recommended that all groups be assigned an OMVS GID.

For more information about list-of-groups checking, see z/OS Security Server RACF Security Administrator's Guide.

Parent topic: Using RACF with z/OS UNIX

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014