Running the RACFDEL and RPIDELU EXECs

RACFDEL and RPIDELU are sample EXECs that are shipped on the RACF® product tape.

RACFDEL uses the work file produced by the RACUT100 EXEC (IRRUT100 SYSUT1) as input, and produces RACF commands in a file called RDEL CMDS as output.

Requirements for using RACFDEL are:

You must have the system-SPECIAL attribute.
RACFDEL cannot be run from either the primary or the backup RACF service machine.
Make sure that you have READ access to the file containing current output from the RACUT100 EXEC (the file is IRRUT100 SYSUT1).

RACFDEL prompts for:

The user ID to be deleted.
The user ID or group ID of a new owner for resources owned by the user being deleted. You can supply a single user ID to be the new owner of all the old user's resources, or you can supply a different user ID for each resource that needs a new owner.

RPIDELU executes the commands that RACFDEL produces. Like RACFDEL, you must have the system-SPECIAL attribute to use RPIDELU. Before you execute RPIDELU, examine the RACF commands in RDEL CMDS carefully. Some of the things you should look for are:

REMOVE from default group
Because RACFDEL cannot tell which group is the user's default group, RDEL CMDS will contain a REMOVE command to remove the user from his or her default group. When this command is executed, RACF will produce an error message. You can avoid this message (which can be ignored) by deleting the command that attempts to remove the user from his or her default group.
RDELETE for SURROGAT, VMBATCH, and VMRDR profiles
RDEL CMDS contains RDELETE commands to delete the profiles for the user's minidisks and SFS files and directories.

RDEL CMDS does not contain commands to delete LOGONBY.userid (SURROGAT), batch (VMBATCH), or reader (VMRDR) profiles. If you want to delete profiles for these resources from the RACF database, add the appropriate RDELETE commands to RDEL CMDS.

See step 5 under Deleting a User Manually for information about deleting BFS files and EXEC.Uuid and EXEC.Ggid profiles.