z/OS Security Server RACF General User's Guide
Previous topic |
Next topic
|
Contents
|
Contact z/OS
|
Library
|
PDF
Contents (exploded view)
z/OS Security Server RACF General User's Guide
SA23-2298-00
Abstract for Security Server RACF General User's Guide
z/OS Version 2 Release 1 summary of changes
What is RACF?
Identifying and verifying users
Authorizing users to access protected resources
Recording and reporting access attempts
Using RACF panels
Using RACF commands
RACF commands for general user tasks
Getting online help for RACF commands
Escaping from a command prompt sequence
Using command abbreviations
Directing commands
Automatic command direction
Getting help for RACF messages
Viewing notification messages
How am I defined to RACF?
Finding out if you are defined to RACF
Finding out how you are defined to RACF
Understanding the information RACF has about you as a user
Finding out what authority you have as a member of a group
Examples of output of the LISTUSER command
Example 1
Example 2
Finding out what CICS information RACF has about you
Finding out what custom field information RACF has about you
Finding out what DCE information RACF has about you
Finding out what distributed identity information RACF has about you
Finding out what DFSMSdfp information RACF has about you
Finding out what EIM information RACF has about you
Finding out what Kerberos information RACF has about you
Finding out what language information RACF has about you
Finding out what Lotus Notes information RACF has about you
Finding out what NetView information RACF has about you
Finding out what OpenExtensions information RACF has about you
Finding out what OPERPARM information RACF has about you
Finding out what z/OS UNIX information RACF has about you
Finding out what TSO/E information RACF has about you
Finding out what WORKATTR information RACF has about you
Finding out if your password is synchronized with other IDs
Finding out what user ID associations are defined for you
Automatic registration of digital certificates
Listing your digital certificate information
Changing how you are defined to RACF
Changing your password
Changing your password phrase
Synchronizing your passwords and password phrases
Automatic password direction
Logging on to TSO/E with a group other than your default group
Logging on with a security label other than your default security label
Allowing another user to submit your jobs
User ID associations
Defining a peer user ID association with password synchronization
Defining a peer user ID association without password synchronization
Defining a managed user ID association
Approving user ID associations
Deleting user ID associations
Protecting a data set
Choosing between discrete and generic profiles
Creating a discrete profile to protect a data set
Deciding which RACF protections to use
Entering the ADDSD command to create the profile for the data set
Creating a discrete profile for a cataloged data set
Creating a discrete profile for a data set that is not cataloged
Creating a discrete profile with a NOTIFY user ID
Creating a discrete profile for a VSAM data set
Creating a generic profile to protect a data set
Deciding how to specify the profile name
Deciding which RACF protections to use
Entering the ADDSD command to create the profile
Example 1. A generic profile for all data sets not otherwise protected
Example 2. A generic profile for data sets whose last qualifier is TESTDATA
Example 3. A generic profile for group data sets
Example 4. A fully-qualified generic profile
Finding out how a data set is protected
Finding out what data set profiles you have
Deleting a data set profile
Protecting data on tapes
Changing access to a data set
Changing the universal access authority to a data set
Permitting an individual or a group to use a data set
Using ID(*) in an access list
Denying an individual or a group use of a data set
Including the individual or group on the access list with ACCESS(NONE)
Removing the user or group from the access list
Protecting general resources
Searching for general resource profile names
Listing the contents of general resource profiles
Permitting an individual or a group to use a general resource
Denying an individual or a group use of a general resource
Including the individual or group on the access list with ACCESS(NONE)
Removing the individual or group from the access list
Reference summary
Access authority for data sets
Access authority for general resources
Profile names for data sets
Generic profile rules when enhanced generic naming is inactive
Generic profile rules when enhanced generic naming is active
When data set profile changes take effect
Automatic direction of application updates
Copyright IBM Corporation 1990, 2014