Creating the TMEADMIN class to associate a RACF user ID

To create the resource class EQQADMIN and map it to a RACF® user ID, perform the following steps:
  1. Make sure your operating system has the Security Server feature.
  2. Create the TMEADMIN class for mapping the administrator ID and host name to the RACF user ID.
    Note: If RACF is your security product and your operating system does not have the Security Server feature, you can use the supplied samples to create the following:
    • RACF TMEADMIN class EQQ9RFDE. Use the following macro, which you can access in the EQQ9RFDE member of SEQQSAMP library: 
      TMEADMIN ICHERCDE CLASS=TMEADMIN,
                             ID=129,
                             MAXLNTH=246,
                             FIRST=ALPHANUM,
                             OTHER=ANY,
                             POSIT= 26,
                             OPER=NO,
                             DFTUACC=NONE,
                             DFTRETC=8,
                             RACLIST=ALLOWED,
                             GENLIST=ALLOWED
    • RACF Router Table EQQ9RF01. Use the following macro, which you can access in the EQQ9RF01 member of SEQQSAMP library: 
           TAB18            ICHRFRTB  CLASS=TMEADMIN,ACTION=RACF
  3. Using RCAF TMEADMIN class, map the administrator ID to the RACF user ID. The RACF user ID is associated with the administrator defined at the workstation. Any administrative action is thereby traceable to the user issuing the request.
  4. Define a profile in the supplied resource class TMEADMIN for each administrator who is able to access Dynamic Workload Console.
    Note: In the following tasks, which are for mapping the administrator to RACF user IDs, it is recommended that each administrator maps to a unique RACF user ID.
  5. Activate the TMEADMIN class by typing the following command: SETROPTS CLASSACT (TMEADMIN).
  6. In the TMEADMIN class, use the following string to define a unique RACF user ID for each administrator who will perform Dynamic Workload Console operations: 
    userID@hostname
    For example, for a user with the identifier SCOT at the host pelican, you would use SCOT@pelican.
  7. Enter the following command to define a general resource profile in the TMEADMIN class to associate the administrator with a RACF user ID (in this example, SCOT): 
    RDEFINE TMEADMIN SCOT@hostname APPLDATA('SCOT')
    Note: The string SCOT@hostname is not case sensitive.
  8. Refresh the TMEADMIN class with the following command: 
    SETROPTS RACLIST(TMEADMIN) REFRESH
    If you experience problems using special characters to define a profile in the TMEADMIN class, use the following command instead: 
    SETROPTS GENERIC(TMEADMIN) REFRESH

Also, use the percent sign (%) instead of the special character. For example, for the Italian code page, the character @ (hex'B5') is not accepted by RACF. Therefore, use SCOT%pelican instead of SCOT@pelican.

When searching a list of TMEADMIN profiles for a match, RACF looks for the most similar generic profile.