Use the BPX.UNIQUE.USER profile instead of BPX.DEFAULT.USER
Description
Before z/OS® V1R11, if the BPX.DEFAULT.USER profile in the FACILITY class was defined, users who accessed z/OS UNIX services who did not have an OMVS user or group segment were assigned the default OMVS segments for the length of the user session. All users of the default OMVS segments shared the same UID and GID. As of z/OS V1R11, if BPX.UNIQUE.USER has been defined, users who access z/OS UNIX services who do not have an OMVS user or group segment are automatically assigned an OMVS segment with a unique UID and GID. The new OMVS segments are added to the user and group profiles in the RACF® database. As of z/OS V2R1, the support of BPX.DEFAULT.USER was removed.
Table 1 provides more details about this migration action. Use this information to plan your changes to the system.
| Element or feature: | z/OS UNIX. |
|---|---|
| When change was introduced: | z/OS V2R1. See IBM United States Software Announcement 211-007, dated February 15, 2011. |
| Applies to migration from: | z/OS V1R13. |
| Timing: | Before installing z/OS V2R2. |
| Is the migration action required? | Yes, if you use BPX.DEFAULT.USER profile in the FACILITY class. |
| Target system hardware requirements: | None. |
| Target system software requirements: | None. |
| Other system (coexistence or fallback) requirements: | None. |
| Restrictions: | You need AIM Stage 3 to use the BPX.UNIQUE.USER profile. You can run the IRRIRA00 utility to determine the current AIM Stage in your RACF database and increase the level to AIM Stage 3. |
| System impacts: | None. |
| Related IBM® Health Checker for z/OS check: | Use check ZOSMIGV2R1_DEFAULT_UNIX_ID introduced in APAR OA37164. This check determines if you are relying on assigning default z/OS UNIX identities for users without OMVS segments. |
Steps to take
Follow the steps in z/OS UNIX System Services Planning to set up the BPX.UNIQUE.USER profile. If BPX.DEFAULT.USER has not been deleted, BPX.UNIQUE.USER takes precedence when default OMVS segments are used.
RDELETE FACILITY BPX.DEFAULT.USER
SETROPTS RACLIST(FACILITY) REFRESHRACF APAR OA42554 provides assistance with the conversion to BPX.UNIQUE.USER on z/OS V1R13. With this APAR you can model the user's home directory path by specifying &racuid in the model user's OMVS segment. Then, when the user's OMVS segment is automatically created, RACF will substitute the correct user ID. For more information on this capability, see the information in APAR OA42554.