z/OS Security Server RACF General User's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Synchronizing your passwords and password phrases

z/OS Security Server RACF General User's Guide
SA23-2298-00

To synchronize your passwords and password phrases (that is, keep your passwords and password phrases automatically synchronized for two or more user IDs on the same system or on different systems), first you must establish peer user ID associations with password synchronization among the user IDs. Then, whenever you change the password or password phrase on one of the associated user IDs, RACF® automatically communicates the new password or password phrase to the RACF databases of the other user IDs. For more information about defining associations for your user ID, see User ID associations.

An installation can also maintain the synchronization of user passwords and password phrases between the same user IDs on different nodes by using automatic password direction. See Automatic password direction for additional information.
Note:
  1. User IDs do not have to have the same password or password phrase to request an association. Passwords and password phrases are synchronized automatically when either of the associated user IDs changes a password or password phrase after the peer association with password synchronization has been established.
  2. Password and password phrase changes are not repropagated. For example: 
    User1 has an established peer user ID association with password
   synchronization enabled with User2, but not with User3.

User2 has an established peer user ID association with password
   synchronization enabled with User1 and an established peer user
   ID association with password synchronization enabled with User3.

    If User1 changes his or her password, the new password is propagated to User2. Even though User2 has an established peer user ID association with password synchronization enabled with User3, the new password from User1 is not propagated to User3.

    But, if User2 changes his or her password, the new password is propagated to both User1 and User3. This occurs because User2 has an established peer ID association with password synchronization enabled with User1 and with User3.

Parent topic: Changing how you are defined to RACF

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014