Revoking Unused User IDs

The INACTIVE operand of the SETROPTS command causes RACF® to revoke the user's right to use the system if the user ID has remained unused beyond a specified number of days. RACF revokes the user the next time the user attempts to enter the system.

The following example specifies that RACF revoke a user ID if it is unused for over 30 days: 
SETROPTS INACTIVE(30)
Note:
  1. New users who never use the system are not revoked because of inactivity.
  2. If a user has not logged on (or submitted a job) in 31 days, and you issue the SETROPTS INACTIVE(30) command, that user will be considered revoked. However, the user will not actually be revoked and the output of the LISTUSER command will not show that the user is revoked until the user next attempts to log on (or submit a job).
  3. When you allow the user to once again start using the system (using the RESUME operand on the ALTUSER command), RACF resets the effective date with which the period of inactivity starts.

If NOINACTIVE is in effect, RACF does not check the user ID against an unused user ID interval.

If NOINITSTATS is in effect, the INACTIVE option cannot be used. See Collecting LOGON Statistics for more information.