Enabling Db2 to receive RACF PassTickets
Db2 supports the ability to receive RACF® PassTickets from remote requests.
About this task
Procedure
To enable a Db2 subsystem or data sharing group to receive PassTickets:
Example
The following example shows the RACF commands that define
a secured signon PTKTDATA profile for SYEC1GLU and that enable the new PTKTDATA
profile:
RDEFINE PTKTDATA SYEC1GLU SSIGNON(KEYMASKED(F0123456789ABCDE))
APPLDATA('NO REPLAY PROTECTION') SETROPTS RACLIST(PTKTDATA) REFRESH
What to do next
- To send RACF PassTickets from a Db2 subsystem or data sharing group, complete the steps in Enabling Db2 to send RACF PassTickets.
- If you are using RACF-protected user IDs, complete the steps in Enabling Db2 to receive PassTickets for RACF-protected user IDs (deprecated).
- If you are using PassTickets across a data sharing environment, complete the steps in Enabling caching of MFA-based authentication credentials for clients with sysplex workload balancing.