Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Directing commands z/OS Security Server RACF General User's Guide SA23-2298-00 |
|
The RACF® remote sharing facility (RRSF) lets you direct most RACF commands to be processed on a node and user ID other than the one you are currently logged on to. You can also direct a command to the user ID you are currently logged on to. Directed commands run asynchronously; that is, the command issuer does not wait until the command completes processing, and results and output from the commands are returned to the command issuer in a data set. z/OS Security Server RACF Command Language Reference lists the commands that can be directed. See User ID associations for information on creating the user ID associations necessary to direct commands. Also, you must have authorization to direct commands. If you are not sure whether you are authorized, contact your security administrator or see z/OS Security Server RACF Security Administrator's Guide for more information. You can use the AT keyword to direct allowed RACF commands to be processed under the authority of an associated user ID without actually logging on to that ID. Add the AT keyword to the end of any allowed RACF command and specify the node and user ID (node.userid) at which the command should be processed. A user ID association is required for all commands directed to another node or user ID, but it is not required if you are directing the command to the user ID you are currently logged on to. When you direct a command, the results are returned to you and are appended to the bottom of your RRSFLIST user data set. You receive a TSO SEND message telling you whether the directed command completed successfully or unsuccessfully. If you do not have an RRSFLIST user data set, RACF allocates one and adds the results. The RRSFLIST data set name is 'prefix.userid.RRSFLIST', where prefix is your TSO prefix at the time you issued the command. If prefix matches userid or if you specified PROFILE NOPREFIX on the TSO PROFILE command, the data set name used is 'userid.RRSFLIST'. You are responsible for maintaining this data set. If your data set becomes full, the output is transmitted to your user ID. In order for RACF to append to your RRSFLIST user data set again, you must edit and delete some of the returned output in this data set. If your RRSFLIST user data set is in use when the RACF remote sharing facility tries to append the results, RACF waits for a brief time and tries again. This could cause the results of directed commands to be appended out of sequence with the output that was returned. The following examples illustrate the format of the output produced
by directed commands. The format of the output is the same for both
your RRSFLIST data set and for the output transmitted when your data
set is full. Figure 1 shows the format of
output for this directed LISTGRP command:
Figure 2 shows the format of output for this directed
ADDSD command:
Figure 1. A
directed LISTGRP command: sample output
Figure 2. A
directed ADDSD command: sample output
|
Copyright IBM Corporation 1990, 2014
|