Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
User profiles z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
When you define a user to RACF®, you create a user profile in the RACF database. A user profile consists of a base segment and, optionally, any of the following segments: CICS®, CSDATA, DCE, DFP, KERB, LANGUAGE, LNOTES, NDS, NETVIEW, OMVS, OPERPARM, OVM, PROXY, TSO, and WORKATTR. Each segment of a user profile consists of fields. When you define a user's profile (using the ADDUSER command) or change a user's profile (using the ALTUSER command), you can specify the information contained in each field of each segment of the profile. To define or change information in a non-base segment of a user profile, including your own, you must have the SPECIAL attribute or at least UPDATE authority to the segment through field-level access checking. To list the contents of a user profile or the contents of individual segments of the user profile, use the LISTUSER command. To display the information in a non-base segment of a user profile, including your own, you must have the SPECIAL or AUDITOR attribute or at least READ authority to the segment through field-level access checking. Guideline: Use field-level access control to let users view, and optionally modify, some or all of the information in the non-base segments of their user profiles. For more information, see Field-level access checking, Controlling access to the DFP segment, and Field-level access checking for TSO. When you use the RACDCERT command to add a certificate definition
and associate it with a specified RACF-defined user ID, information
about the definition is added to the user profile. To see the certificate
definitions, enter:
To issue this command, you must have one of the following authorities:
When you use the RACDCERT command to add a certificate name filter
and associate it with a specified RACF-defined user ID, information
about the definition is added to the user profile. To see the certificate
name filter definitions, enter:
To issue this command, you must have one of the following authorities:
When you use the RACDCERT command to add a certificate key ring
and associate it with a specified RACF-defined user ID, information
about the definition is added to the user profile. To see the ring
definitions, enter:
To issue this command, you must have one of the following authorities:
When you use the RACLINK command to establish a user ID association,
information about the association is added to the user profile. To
see the user ID associations, enter:
For more information on how to use the ADDUSER, ALTUSER, LISTUSER, RACDCERT, and RACLINK commands, see z/OS Security Server RACF Command Language Reference. |
Copyright IBM Corporation 1990, 2014
|