Parameters

Work_area

The name of a 1024-byte work area for SAF and RACF® use. The work area must be in the primary address space.

ALET

The name of a fullword containing the ALET for the following parameter. Each parameter must have an ALET specified. Each ALET can be different. The words containing the ALETs must be in the primary address space.

SAF_Return_Code

The name of a fullword in which the SAF router returns the SAF return code.

RACF_Return_Code

The name of a fullword in which the service routine stores the return code.

RACF_Reason_Code

The name of a fullword in which the service routine stores the reason code.

Num_parms

The name of a fullword containing the number of parameters in the parameter list, including the Num_parms parameter. This number must be 14 for z/OS® Version 1, Release 7 or later.

Parm_ALET

The name of a fullword which must be in the primary address space and contains the ALET for the remaining parameters.

Function_code

The name of a half-word (2-byte) area containing the function code. Use the following values for z/OS Version 2, Release 7, or later:

X'0001' - Get Enterprise Identity Mapping (EIM) information

Get Enterprise Identity Mapping (EIM) information. This function is further defined by the Option parameter.

If the Option parameter is X'0001', return the LDAPBIND profile name from the Enterprise Identity Mapping (EIM) segment of the specified RACF_entity value, where RACF_entity identifies a RACF userid.
If the Option parameter is X'0002', return the local registry name, the Kerberos registry name, and the X.509 registry name from the Enterprise Identity Mapping (EIM) segment of the IRR.PROXY.DEFAULTS profile in the FACILITY class.
If the Option parameter is X'0003', return EIM and PROXY segment data:
- Distinguished name of the Enterprise Identity Mapping (EIM) domain
- Enterprise Identity Mapping (EIM) options
- The LDAP host name
- The distinguished name to use for LDAP binding
- Whether or not a password for LDAP binding has been specified (YES or NO)
for the specified RACF_class name and RACF_entity value, where RACF_entity identifies a RACF profile name.

Requested information will be returned in the Result_entries output area.

X'0002' - Retrieve REALM information

Return the value of the APPLDATA field from the profile in the REALM class with the profile name specified in the RACF_entity parameter.

The Option parameter must be 1 when the function code is X'0002'.

Option

The name of a half-word (2-byte) area containing an option value for the specified function code.

See Parameter usage for the function codes which the Option parameter applies. Valid option values and their effect on the specified function code are described above under the Function_code parameter.

RACF_entity

The name of a 247-byte area, which consists of a one-byte length field followed by up to 246 characters. This field is used to identify the RACF entity for information retrieval.

For Function_code X'0001', Get Enterprise Identity Mapping (EIM) information.

When the Option parameter is X'0001', this field is a RACF user ID.
When the Option parameter is X'0002', this field is the name of a profile in the REALM class.
When the Option parameter is X'0003', this field is a RACF profile name.

RACF_class

The name of an 8-byte area containing a RACF class name. The class name is assumed to be :

Left justified.
Padded to the right with blanks.
Specified in uppercase.
A static IBM® class name, a static installation-defined class name, or a dynamically defined installation class name.
A general resource class. It cannot be a USER, GROUP, or DATASET.
If function code is X'0002', this field must specify REALM padded with blanks to 8 bytes.

Result_entries

The name of an area for information to be retrieved. On input, the first 4 bytes of this area contain the length of the area. The format of the Result_entries structure is:

DEC OFFSET	HEX OFFSET	TYPE	LENGTH	NAME	DESCRIPTION
0	0	STRUCTURE	28	ResultArea	R_Getinfo result area
0	0	UNSIGNED	4	ResultAreaLen	Length of result area
4	4	UNSIGNED	4	ResultAreaUsed	Length of result area used
8	8	CHARACTER	20	*	Reserved
28	1C	CHARACTER	0	ResultAreaData	Function specific result data

When the Function_code is X'0001', Get Enterprise Identify Mapping (EIM) information and Option is X'0001', the function specific result data (ResultAreaData) will be mapped as follows:

DEC OFFSET	HEX OFFSET	TYPE	LENGTH	NAME	DESCRIPTION
0	0	STRUCTURE	249	ProfData	LDAPBIND profile result data
0	0	UNSIGNED	2	ProfLen	LDAPBIND profile length
2	2	CHARACTER	247	ProfName	LDAPBIND profile name

When the Function_code is X'0001', Get Enterprise Identify Mapping (EIM) information and Option is X'0002', the function specific result data (ResultAreaData) will be mapped as follows:

DEC OFFSET	HEX OFFSET	TYPE	LENGTH	NAME	DESCRIPTION
0	0	STRUCTURE	768	RegData	Registry name result data
0	0	CHARACTER	256	RegLocal	Local registry name
256	100	CHARACTER	256	RegKerb	Kerberos registry name
512	200	CHARACTER	256	RegX509	X.509 registry name

When the Function_code is X'0001', Get Enterprise Identify Mapping (EIM) information and Option is X'0003', the function specific result data (ResultAreaData) will be mapped as follows:

DEC OFFSET	HEX OFFSET	TYPE	LENGTH	NAME	DESCRIPTION
0	0	STRUCTURE	3205	SegData	Enterprise Identity Mapping (EIM) segment results data
0	0	UNSIGNED	4	SegOptions	OPTIONS field data: `X'55555555'(Enable) X'55555556'(Disable)`
4	4	CHARACTER	1024	SegDomainDN	DOMAINDN field data
1028	404	CHARACTER	1024	SegLDAPHost	LDAPHOST field data
2052	804	CHARACTER	1024	SegBINDDN	BINDDN field data
3076	C04	CHARACTER	129	SegBINDPW	BINDPW specified YES or NO

When the Function_code is X'0002', retrieve REALM information. the function specific result data (ResultAreaData) will be mapped as follows:

DEC OFFSET	HEX OFFSET	TYPE	LENGTH	NAME	DESCRIPTION
0	0	FIXED	4	RealmLen	Length of RealmName
4	4	CHARACTER	Variable up to 256	RealmName	Realm Name