Thursday, May 9, 2019

RACF User Profile Concepts

RACF User profiles contain information about the user. A user profile can be connected (please note the right term: connected, not defined) to several groups.

Among the important information in a user profile are:

  1. Userid - Identifies the user to the system.
  2. Name - Name of the user
  3. Owner - the userid or group that owns the userid profile. The owner can do anything to the profile. It can reset the password, revoke (meaning prevent the user from logging in to the system) and resume (allow the user to log in to the system).
  4. Default group - the group the user will be connected when it logs in to the system.
  5. Passdate - date when the password was last changed
  6. Pass-Interval - number of days before the user is required to change the password
  7. System Attributes - define specific functions a user can do. Some of the more common System attributes are:
    1. SPECIAL - the user has full control of the profiles system or group.
    2. OPERATIONS - the user has full control of the datasets within the system or group.
    3. AUDITOR - the user can read the profiles within the system or group.
  8. Groups connected - lists all the groups that the user is connected. It also shows the authority of the user within the group.
Groups are created to simplify administration of profiles.
  1. Listed below are the more common group authorities. A user can only have one of these authorities in the group:
    1. USE - the user can use the data sets of the group
    2. CREATE - the user can create data sets of the group
    3. CONNECT - the user can connect others users to the group
  2. Group Attributes - similar to system attributes but the scope of these are limited to the group.
  3. Revoke date - a user can be revoked in the group level. This means the user cannot connect to this group but can still connect to other groups.

No comments:

Post a Comment

Total Pageviews