RACFSYNC
The RACFSYNC system initialization parameter specifies whether CICS® listens for type 71 ENF events.
- RACFSYNC={YES|NO|RACFDB2SYNC}
RACF® sends a type 71 ENF signal to listeners when a CONNECT, REMOVE, or REVOKE command changes a user's resource authorization. In addition, with RACF APAR OA58677 and SAF APAR OA58678, RACF sends a type 71 ENF signal to listeners when a user ID is revoked automatically as a result of too many failed password attempts.
When CICS receives a type 71 ENF event for a user ID, all cached user tokens for the user ID are invalidated, irrespective of the setting of the USRDELAY parameter. Subsequent requests from that user ID force a full RACF RACROUTE VERIFY request, which results in a refresh of the user's authorization level. User tokens for tasks that are currently running are not affected.
Note: Specify the RACFSYNC=NO parameter only under direction from IBM® Service.- YES
- CICS listens for type 71 ENF events.
- NO
- CICS does not listen for type 71 ENF events.
- RACFDB2SYNC
- CICS listens for type 71 ENF events. In addition to the function provided by specifying YES, CICS will also make DB2® threads for the associated userid issue a full signon when they are next reused.
Restrictions: You can specify the RACFSYNC parameter only in the system initialization table (SIT), the PARM parameter of the EXEC PGM=DFHSIP statement, or the SYSIN data set.