z/OS Security Server RACF System Programmer's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Format of the authorized-caller table

z/OS Security Server RACF System Programmer's Guide
SA23-2287-00

For each authorized caller (program), the RACF® authorized-caller table contains a 12-byte entry in the following format:
Length
Description
8
Caller name, left-justified and padded with blanks. (The last entry in the table must contain a blank caller name.)
4
Authorization code.

X'40000000' indicates that the caller is authorized to issue RACROUTE REQUEST=LIST.

X'80000000' indicates that the caller is authorized to issue RACROUTE REQUEST=VERIFY without the NEWPASS, PHRASE, NEWPHRASE, ICTX, ICRX, and IDID keywords.

The RACF authorized-caller table resides in the link pack area (LPA) in ICHAUTAB, which is an installation-replaceable module. To add an entry to the RACF authorized-caller table, you can do one of the following:
  • Use the SPZAP service aid to add the entry to the ICHAUTAB module that IBM® supplies. (See z/OS MVS Diagnosis: Tools and Service Aids for information on SPZAP.)
    Note: ICHAUTAB can handle up to six table entries. If your installation requires more than six, you must reassemble the ICHAUTAB module.
  • Reassemble the ICHAUTAB module with the new entry and link edit it again into the LPA. You can link ICHAUTAB with either RMODE=24 or RMODE=ANY.
Parent topic: Using the RACF authorized-caller table

Go to the previous page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014