Limiting when a user can access the system

Installations can limit a user's ability to log on by limiting:

The user's ability to log on to the system to certain days of the week, and certain hours within each day
The use of individual terminals (in the TERMINAL class only) to certain days of the week, and certain hours within each day

To limit the times during which a user can enter the system, use the WHEN operand on the ADDUSER and ALTUSER commands. For example, to specify that USER12 can enter the system only on weekdays between the hours of 7:00 a.m. and 5:00 p.m., enter:

ADDUSER USER12 WHEN(DAYS(WEEKDAYS) TIME(0700:1700))

Similarly, to control when users can access the system from a specific terminal, specify the WHEN operand on the RDEFINE and RALTER commands for the appropriate profile. For example, to specify that terminal TRM07C can be used at any time during the week, but not at all during the weekend, enter:

RDEFINE TERMINAL TRM07C WHEN(DAYS(WEEKDAYS))

Note that on the RDEFINE command, TIME(ANYTIME) is the default.

The WHEN operand on these commands (for both users and terminals) allows you to specify individual days and specific times within these days.

RACF® also provides support for installations that have terminals in different time zones by associating with each terminal its location relative to the local time where the processor complex on which RACF is executing is located.

Note: RACF does not provide any specific support for daylight savings time. If the installation changes the value of the local time (as given by the TIME macro) to accommodate daylight savings time, RACF automatically adjusts its time calculations accordingly. However, if any terminals are located in an area that does not follow the same time adjustment, you must adjust the terminal information.

For more information on the WHEN operand, see the command descriptions in z/OS Security Server RACF Command Language Reference.