z/OS Security Server RACF Command Language Reference
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Generic profile rules - enhanced generic naming inactive

z/OS Security Server RACF Command Language Reference
SA23-2292-00

In the DATASET class, you can use generic characters as follows:
  • Specify % to match any single character in a data set name
  • Specify * as follows:
    • As a character at the end of a data set profile name (for example, ABC.DEF*) to match zero or more characters until the end of the name, zero or more qualifiers until the end of the data set name, or both
    • As a qualifier at the end of a profile name (for example, ABC.DEF.*) to match one or more qualifiers until the end of the data set name
    • As a qualifier in the middle of a profile name (for example, ABC.*.DEF) to match any one qualifier in a data set name
    • As a character at the end of a qualifier in the middle of a profile name (for example, ABC.DE*.FGH) to match zero or more characters until the end of the qualifier in a data set name.
Note: For profiles in the DATASET class, the high-level qualifier of the profile name must not be, nor can it contain, a generic character - for example, *.ABC, AB%.B, and AB*.AB are not allowed.

Tables are provided to show the variety of profiles that can be created using generics, using enhanced generic naming, and what happens to the profile protection if enhanced generic naming is turned off.

Table 1 and Table 2 provide examples of data set names using generic naming. Enhanced generic naming has not been turned on (SETROPTS NOEGN, the default, is in effect).

Table 1 and Table 2 provide examples of data set names with enhanced generic naming (SETR EGN is on).

Table 3 and Table 4 provide examples of data set names if enhanced generic naming is turned off after being turned on. It is not recommended that you turn EGN off after you have turned it on.
Table 1. Generic naming for data sets with enhanced generic naming inactive - Asterisk at the end
Profile name AB.CD* AB.CD.*
Resources protected by the profile

AB.CD
AB.CDEF
AB.CD.EF
AB.CD.XY
AB.CD.EF.GH

AB.CD.EF
AB.CD.XY
AB.CD.EF.GH
Resources not protected by the profile

ABC.DEF
ABC.XY.XY.DEF

AB.CD
AB.CDEF
ABC.DEF
AB.XY.XY.DEF
Table 2. Generic naming for data sets with enhanced generic naming inactive - Asterisk or percent sign in the middle
Profile name ABC.%EF AB.*.CD AB.CD*.EF
Resources protected by the profile

ABC.DEF
ABC.XEF

AB.CD.CD

AB.CDEF.EF
AB.CDE.EF
Resources not protected by the profile

ABC.DEFGHI
ABC.DEF.GHI
ABC.DDEF

AB.CD
AB.CD.EF
AB.CDEF
ABC.DEF
ABC.XY.CD
AB.XY.XY.CD

AB.CD.XY.EF
Parent topic: Profile names for data sets

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014