z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


DIGTNMAP general resource profiles

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

RACDCERT MAP processing automatically creates mapping profiles in the DIGTNMAP class for each certificate name filter you create. When you map a certificate name filter to a RACF® user ID, both the filter and the user ID are stored in the mapping profile. DIGTNMAP profiles should not be administered using the RDEFINE, RALTER or RDELETE commands. These commands do not operate with the DIGTNMAP class.

The SEARCH FILTER and RLIST commands are not intended for use with profiles in the DIGTNMAP class and will deliver unpredictable results. These profiles can only be displayed using the RACDCERT LISTMAP command: For example:
RACDCERT ID(WEBUSER) LISTMAP
Based on the output of the RACDCERT LISTMAP command shown in Figure 1, there is one certificate name filter associated with the WEBUSER user ID.
Figure 1. Sample output from the LISTMAP command for an issuer's name filter
Mapping information for user WEBUSER:
 Label: INTERNET OTHERS
 Status: TRUST
 Issuer's Name Filter:
   >OU=VeriSign Class 1 Individual Subscriber.O=VeriSign, Inc.L=Internet<
 Subject's Name Filter:
   ><
See z/OS Security Server RACF Command Language Reference for more information about the RACDCERT LISTMAP command.
Parent topic: Creating certificate name filters

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014