Start of changeUsing PassTicketsEnd of change

If your installation includes workstations and client machines that are operating in a client/server environment, you might want to use RACF® Start of changePassTicketsEnd of change to provide enhanced security across a network. Start of changeA PassTicketEnd of change provides an alternative to the RACF password and password phrase which allows workstations and client machines to communicate with a host without using a RACF password or password phrase.

Start of changeUse of a PassTicketEnd of change removes the need to send RACF passwords and password phrases across the network and allows you to move the user authentication part of signing on to a host from RACF to another product or function. End users of an application can use the PassTicket to authenticate their user IDs and log on to computer systems that contain RACF.

This chapter describes the PassTicket and how to set up the Start of changePassTicketEnd of change environment. It includes information about:
  • Activating the PTKTDATA class
  • Defining profiles in the PTKTDATA class
  • Start of changeHow RACF processes the PassTicketEnd of change
  • Enabling the use of PassTickets
  • Start of changeAuditing the use of PassTicketsEnd of change

For information about the programming that is needed for an application to generate a PassTicket, see z/OS Security Server RACF System Programmer's Guide.