z/OS Security Server RACF Callable Services
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Examples

z/OS Security Server RACF Callable Services
SA23-2293-00

The following examples are not coding samples. Rather, they demonstrate how to construct the input parameter list for a number of requests.

Example 1: Set various password policy controls.

Function code = ADMN_ALT_SETR 
* First, define the request header
HEADER  DS 0H
        DC CL10''         Unused
        DC AL2(0)         Not used on input
        DC AL2(1)         Number of segments (BASE only)
* First segment entry - BASE
BSEG    DC CL8'BASE'      BASE segment entry
        DC AL1(0)         Flag byte - ignored
        DC AL2(4)         Field count - 4
* First BASE segment field entry
BFLD1   DC CL8'HISTORY'   Password history field
        DC CL1'Y'         Flag byte - Y - create field
        DC AL2(2)         Length of field data
        DC CL2'14'        Field data
* Second BASE segment field entry
BFLD2   DC CL8'REVOKE'    Password revoke field
        DC CL1'Y'         Flag byte - Y - create field
        DC AL2(1)         Length of field data
        DC CL1'4'         Field data
* Third BASE segment field entry
BFLD3   DC CL8'WARNING'   Password warning field
        DC CL1'Y'         Flag byte - Y - boolean value
        DC AL2(2)         Length of field data
        DC CL2'10'        Field data
* Fourth BASE segment field entry
BFLD4   DC CL8'RULE1'     Password rule field
        DC CL1'Y'         Flag byte - Y - create field
        DC AL2(10)        Length of field data
        DC CL10'3:6 A*NV*A' Field data

Example 2: This is the same as example 1, but is shown in "rows", where a single line represents the request header, and individual segment and field entries. This convention will be used from this point on.

Function code = ADMN_ALT_SETR 
HEADER  DC CL10'',AL2(0),AL2(1)
BSEG    DC CL8'BASE',AL1(0),AL2(4)
BFLD1   DC CL8'HISTORY',CL1'Y',AL2(2),CL2'14'
BFLD2   DC CL8'REVOKE',CL1'Y',AL2(1),CL1'4'
BFLD3   DC CL8'WARNING',CL1'Y',AL2(2),CL2'10'
BFLD4   DC CL8'RULE1',CL1'Y',AL2(10),CL10'3:6 A*NV*A'

Example 3: This example refreshes in-storage profiles for a RACLISTed class, in this case, the FACILITY class.

Function code = ADMN_ALT_SETR 
HEADER  DC CL10'',AL2(0),AL2(1)
BSEG    DC CL8'BASE',AL1(0),AL2(2)
BFLD1   DC CL8'RACLIST',CL1'A',AL2(8),CL8'FACILITY'
BFLD2   DC CL8'REFRESH',CL1'Y',AL2(0)

Example 4: Add two classes to the list of active classes, remove two classes from the list of GENLISTed classes, and activate the setting which prevents the command issuer's user ID from being added to a new profile's access list (NOADDCREATOR).

Function code = ADMN_ALT_SETR 
HEADER  DC CL10'',AL2(0),AL2(1)
BSEG    DC CL8'BASE',AL1(0),AL2(3)
BFLD1   DC CL8'CLASSACT',CL1'A',AL2(14),CL14'UNIXPRIV FSSEC'
BFLD2   DC CL8'GENLIST',CL1'D',AL2(13),CL13'DASDVOL FIELD'
BFLD3   DC CL8'ADDCREAT',CL1'N',AL2(0)
Parent topic: SETROPTS administration

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014