z/OS Security Server RACF General User's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Generic profile rules when enhanced generic naming is inactive

z/OS Security Server RACF General User's Guide
SA23-2298-00

In the DATASET class, you can use generic characters as follows:
  • Specify % to match any single character in a data set name
  • Specify * as follows:
    • As a character at the end of a data set profile name (for example, ABC.DEF*) to match zero or more characters until the end of the name, zero or more qualifiers until the end of the data set name, or both
    • As a qualifier at the end of a profile name (for example, ABC.DEF.*) to match one or more qualifiers until the end of the data set name
    • As a qualifier in the middle of a profile name (for example, ABC.*.DEF) to match any one qualifier in a data set name
    • As a character at the end of a qualifier in the middle of a profile name (for example, ABC.DE*.FGH) to match zero or more characters until the end of the qualifier in a data set name.
Note: For profiles in the DATASET class, the high-level qualifier of the profile name must not be, nor can it contain, a generic character—for example, *.ABC, AB%.B, and AB*.AB are not allowed.

The following tables are provided to show the variety of profiles that can be created by using generics, and by using enhanced generic naming. They also show the effects on profile protection if enhanced generic naming is turned off.

Table 1 and Table 2 provide examples of data set names using generic naming. Enhanced generic naming has not been turned on (SETROPTS NOEGN, the default, is in effect).

Table 1 and Table 2 provide examples of data set names with enhanced generic naming (SETR EGN is on).

Table 1. Generic naming for data sets with enhanced generic naming inactive: * at the end
Profile Name AB.CD* AB.CD.*
Resources protected by the profile

AB.CD
AB.CDEF
AB.CD.EF
AB.CD.XY
AB.CD.EF.GH

AB.CD.EF
AB.CD.XY
AB.CD.EF.GH
Resources not protected by the profile

ABC.DEF
ABC.XY.XY.DEF

AB.CD
AB.CDEF
ABC.DEF
AB.XY.XY.DEF
Table 2. Generic naming for data sets with enhanced generic naming inactive: * in the middle or %
Profile Name ABC.%EF AB.*.CD AB.CD*.EF
Resources protected by the profile

ABC.DEF
ABC.XEF

 AB.CD.CD

AB.CDEF.EF
AB.CDE.EF
Resources not protected by the profile

ABC.DEFGHI
ABC.DEF.GHI
ABC.DDEF

AB.CD
AB.CD.EF
AB.CDEF
ABC.DEF
ABC.XY.CD
AB.XY.XY.CD

 AB.CD.XY.EF
Parent topic: Profile names for data sets

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014