Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Automatic password direction z/OS Security Server RACF General User's Guide SA23-2298-00 |
|
Installations using automatic command direction can optionally use automatic password direction to maintain the synchronization of user passwords and password phrases between the same user IDs on different nodes. Automatic password direction does not require user ID associations. Instead, automatic password direction assumes that the same user IDs on different nodes belong to the same user. For example, suppose your installation is using automatic password direction and you have the user ID CLAIRE on three different nodes: NODE1, NODE2, and NODE3. When you change your password on NODE1, a password synchronization request is automatically directed to be processed for CLAIRE on NODE2 and CLAIRE on NODE3. You will receive a TSO SEND message on NODE1 telling you whether the password synchronization request completed successfully or unsuccessfully. In addition, depending on how automatic password direction is set up at your installation, the output from the password synchronization request is either discarded, sent to an administrator, or returned to you and appended in your RRSFLIST user data set. If automatic password direction is set up at your installation so that you receive this output and you do not have an RRSFLIST user data set, RACF® allocates one and adds the results. The RRSFLIST data set name is 'prefix.userid.RRSFLIST', where prefix is your TSO prefix at the time you changed your password. If prefix matches userid or if you specified PROFILE NOPREFIX via the TSO PROFILE command, the data set name used is 'userid.RRSFLIST'. You are responsible for maintaining this data set. If your data
set becomes full, the output is transmitted to your user ID. In order
for RACF to append to your
RRSFLIST user data set again, you must edit and delete some of the
returned output in this data set.
Note:
RRSF password synchronization requests run asynchronously; that is, the command issuer does not wait until the command completes processing, and results and output from the commands are returned as specified by the SET AUTOPWD command. Figure 1 shows the format of output produced by automatic password direction. The format of the output is the same for both your RRSFLIST data set and for the output transmitted when your data set is full. Figure 1. Automatic
password direction: sample output
|
Copyright IBM Corporation 1990, 2014
|