z/OS Security Server RACF General User's Guide


Deciding how to specify the profile name

SA23-2298-00

To define a generic profile you either include one or more generic characters (%, *, **) in the profile name or you specify the profile as a generic profile.

You can use the following generic characters when naming generic profiles:
% (percent sign)
A percent sign matches one and only one character. For example, a generic data set profile named AB.CD.% protects data sets named AB.CD.E and AB.CD.F, but not AB.CD.EF.
* (asterisk)
An asterisk used as a qualifier in the middle of a profile name (for example, ABC.*.DEF) matches one and only one qualifier.

An asterisk used as a character at the end of a qualifier in the middle of a profile name (for example, ABC.DE*.FGH) matches zero or more characters until the end of the qualifier.

An asterisk used at the end of a profile name has different meanings depending upon whether enhanced generic naming (EGN) is active.
  • When enhanced generic naming is not active:
    • An asterisk used as a character at the end of a profile name (for example, ABC.DEF*) matches zero or more characters until the end of the name, zero or more qualifiers until the end of the name, or both.
    • An asterisk used as a qualifier at the end of a profile name (for example, ABC.DEF.*) matches one or more qualifiers until the end of the name.
  • When enhanced generic naming is active:
    • An asterisk used as a character at the end of a profile name (for example, ABC.DEF*) matches zero or more characters until the end of the qualifier.
    • An asterisk used as a qualifier at the end of a profile name (for example, ABC.DEF.*) matches one and only one qualifier.

To find out whether EGN is active at your installation, ask your security administrator.

** (double asterisk)
A double asterisk matches zero or more qualifiers. For example, a generic data set profile named AB.CD.** protects data sets named AB.CD, AB.CD.EF, and AB.CD.EF.XYZ.
Note: The double asterisk (**) is allowed with the DATASET class if enhanced generic naming (EGN) is active. Ask your security administrator if EGN is active at your installation.
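The matching rules above, written out as an added example (not IBM or RACF code) that reports which data set names a generic profile covers with EGN inactive and active. It assumes a qualifier is any run of non-period characters, that % never matches a period, and that the high-level qualifier is not generic; all function names and sample data set names are constructed for illustration.

```python
import re

QUAL = r"[^.]+"  # assumption: a qualifier is a non-empty run of non-period characters

def _chars(text):
    """Translate the literal part of a qualifier; % is exactly one (non-period) character."""
    if "*" in text:
        raise ValueError("this sketch allows * only as a whole qualifier or at a qualifier's end")
    return "".join("[^.]" if c == "%" else re.escape(c) for c in text)

def profile_to_regex(profile, egn):
    """Build a regex for a generic data set profile name, following the rules above."""
    hlq, *rest = profile.split(".")
    if "%" in hlq or "*" in hlq:
        raise ValueError("assumption of this sketch: the high-level qualifier is not generic")
    out = [re.escape(hlq)]
    for i, q in enumerate(rest):
        last = i == len(rest) - 1
        if q == "**":
            if not egn:
                raise ValueError("** in a DATASET profile requires EGN to be active")
            out.append(rf"(?:\.{QUAL})*")  # zero or more qualifiers
        elif q == "*":
            # exactly one qualifier, except at the end of the name without EGN: one or more
            out.append(rf"(?:\.{QUAL})+" if last and not egn else rf"\.{QUAL}")
        elif q.endswith("*"):
            # rest of this qualifier; without EGN a trailing * also spans further qualifiers
            tail = rf"[^.]*(?:\.{QUAL})*" if last and not egn else r"[^.]*"
            out.append(r"\." + _chars(q[:-1]) + tail)
        else:
            out.append(r"\." + _chars(q))
    return re.compile("".join(out))

def covers(profile, dsname, egn):
    """True if the data set name falls under the generic profile."""
    return profile_to_regex(profile, egn).fullmatch(dsname) is not None

def covered(profile, names, egn):
    """Subset of names that the profile covers."""
    return [n for n in names if covers(profile, n, egn)]

# Constructed data set names for the comparison
NAMES = ["ABC.DEF", "ABC.DEFG", "ABC.DEF.G", "ABC.DEF.G.H"]

if __name__ == "__main__":
    for prof in ("ABC.DEF*", "ABC.DEF.*"):
        for egn in (False, True):
            print(f"{prof:10} EGN={egn!s:5} -> {covered(prof, NAMES, egn)}")
```

Running it shows that the same trailing-asterisk profile name covers fewer data sets when it is written under EGN rules, which is worth checking for any profile created after a conversion.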

If a data set matches more than one generic profile, the most specific profile sets the level of protection for the data set. For example, assume there are two generic profiles, USERID.** and USERID.GAMES.*. A data set named USERID.GAMES.INDOOR would be protected by profile USERID.GAMES.*. Profile USERID.** would not protect the data set.

To create a generic profile for your user data set, the high-level qualifier must be your user ID. For example, for user ASMITH to protect data set ASMITH.PROJ.ONE, ASMITH must specify a profile name beginning with ASMITH (such as ASMITH.PROJ.* or ASMITH.PROJ.**).

You create a generic profile in the same manner as a discrete profile, except that you include one or more generic characters (% or *) in the profile name or you include the GENERIC keyword on the ADDSD command.

See Profile names for data sets for information about generic profile names with enhanced generic naming active and inactive.

How to specify the generic characters depends on whether your installation uses enhanced generic naming. Ask your RACF® security administrator if enhanced generic naming is active.

If enhanced generic naming is active, see Generic profile rules when enhanced generic naming is active for a description of how to specify generic characters in profile names.

If enhanced generic naming is not active, see Generic profile rules when enhanced generic naming is inactive for a description of how to specify generic characters in profile names.
Note: Profiles created before an installation converts to enhanced generic naming are not affected by the conversion. Profiles created after the installation converts to enhanced generic naming are governed by the new rules.





Copyright IBM Corporation 1990, 2014