z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Considerations for the DATASET class

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

Because discrete DATASET profiles are closely tied to the data set they protect and DATASET profiles for tape data sets are closely tied to profiles in the TAPEVOL class, the following are important:
  • If a discrete profile is created without turning on the RACF® indicator bit for the data set in the VTOC or catalog entry, the profile is not found during authority checking.
  • If a discrete data set profile is renamed and the data set itself is not renamed, the discrete profile no longer is used for data set protection.
  • If a discrete data set profile is deleted and the data set itself is not deleted, its protection is likely to be changed to an existing generic profile.
  • Because RACROUTE REQUEST=DEFINE and RACDEF only manipulate the RACF profiles and do not modify the data set itself or its RACF indicator bit, it is not desirable to propagate these changes to a remote system.

Because these changes are controlled by the AUTODASD and AUTOTAPE profiles, it is not necessary to turn off propagation of AUTODIRECT.node.DATASET.APPL unless your own applications require this.

Parent topic: Using automatic direction of application updates

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014