Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Setting up the BPX.NEXT.USER profile z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
BPX.NEXT.USER is a FACILITY class profile that is used by RACF® to derive unused UID and GID values. Note that the FACILITY class does not have to be active for RACF to use BPX.NEXT.USER. When creating the BPX.NEXT.USER profile, generic characters cannot be used in the name. The APPLDATA field contains the starting UID or GID value or range of values separated by a forward slash (/). The starting value is the value RACF attempts to use in ID assignment, after determining that the ID is not in use. If it is in use, the value is incremented until an appropriate value is found. For example, to have RACF start automatic assignment with a UID value of 1 and a GID value of 0, issue: Example:
When
the maximum value of 2147483647 is reached, subsequent
automatic ID assignment attempts fail and message IRR52181I is issued.The starting value used is chosen at your discretion. For example, if UID values 0 - 2000 are already in use, and GID values 0 - 200 are already in use, you should use a UID starting value of 2001 and a GID starting value of 201. Example:
Specifying NOAUTO as a qualifier in the APPLDATA, or omitting the qualifier, prevents automatic ID assignment. For example, if you use employee serial numbers as the convention for assigning UIDs and do not want to use automatic assignment, but want to use automatic GID assignment starting at 3000, issue: Example:
Ranges can be useful in an RRSF environment. Specify a starting and ending value separated by a dash (–) if you want to include a range of values. Both values must be valid UID or GID values and the second must be greater than the first. Ranges can be specified independently for UIDs or GIDs. Examples:
Notes®:
|
Copyright IBM Corporation 1990, 2014
|