If the profiles contain incorrect information, enter the appropriate
commands to correct the profiles. Example 1: During
REMOVE command processing, a failure occurs that causes the connect
entry for the user to be deleted but does not delete the user's user
ID from the group profile. In this case, reenter the REMOVE command.
Example
2: During DELUSER processing, a failure occurs that causes
the user's profile to be removed, but the user ID remains in the default
group. In this case, enter the CONNECT command with the REVOKE operand
to remove the user ID from the default group.
Example
3: During ADDSD command processing, a failure occurs that
causes the RACF-protected indicator in the DSCB (or catalog) to be
set but prevents the creation of the data set profile. In this case,
enter the ADDSD command with the NOSET operand to create the data
set profile.
Example 4: During DELDSD command
processing, a failure occurs that causes the RACF-protected indicator
in the DSCB (or catalog) to be set off but does not delete the data
set profile from the RACF data
set. In this case, enter the DELDSD command with the NOSET operand.
Example
5: During ADDUSER command processing for the command:
ADDUSER SIVLE OVM(UID(10))
a
failure occurs that causes the user's profile to be created without
creating the corresponding U10 mapping profile in the VMPOSIX class.
In this case, enter:
RDEFINE VMPOSIX U10 UACC(NONE)
PERMIT U10 CLASS(VMPOSIX) ID(SIVLE) ACCESS(NONE)
PERMIT U10 CLASS(VMPOSIX) ID(your-id) DELETE
If
the NOADDCREATOR option is in effect, the PERMIT command to delete
authorization for your user ID is not necessary. If another user already
has a UID of 10, the VMPOSIX profile probably exists, and the RDEFINE
command is not necessary. For more information on VMPOSIX mapping
profiles, see
RACF Security Administrator's Guide for RACF 1.10 for VM. For more information
on the NOADDCREATOR option, see
z/OS Security Server RACF Security Administrator's Guide. For
information on the ADDCREATOR and NOADDCREATOR keywords on the SETROPTS
command, see
z/OS Security Server RACF Command Language Reference.
Example
6: During ADDUSER command processing for the command:
ADDUSER DCEUSR DCE(UUID(004386ea-ebb6-1ec3-bcae-10005ac90feb))
a
failure occurs that causes the user's profile to be created without
creating the corresponding 004386ea-ebb6-1ec3-bcae-10005ac90feb mapping
profile in the DCEUUIDS class. In this case, enter:
RDEFINE DCEUUIDS 004386ea-ebb6-1ec3-bcae-10005ac90feb UACC(NONE)
APPLDATA('DCEUSR')
Example 7:
During ADDUSER command processing for the command:
ADDUSER USER0131 OMVS(UID(0))
a
failure occurs and messages ICH51011I, ICH01010I, and IRR419I are
issued, indicating that an alias index entry has reached its maximum
size and no additional users can be associated with the UID. Although
the user profile is created with the UID field complete, processing
failed before the mapping profile, alias index, or connect link to
the default group was defined. The simplest solution is to delete
the user:
DELUSER USER0131
Expect message
ICH04002I even though the profile is successfully deleted. The message
results from RACF's detection of the missing connect link. You can
now add the user again, specifying a different UID.