z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Overview of custom fields

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

Custom fields are fields within the RACF® database that you customize to store security information about the users and groups at your installation. You can tailor the names and attributes of custom fields. Once you define custom fields, use RACF commands, such as the ALTUSER and ALTGROUP to add data to custom fields.

For each custom field, you can customize the following attributes:
  • The name of the custom field, which is used as the RACF command operand for TSO/E commands.
  • The data type for the custom field. Choose character, numeric, hexadecimal, or flag (YES or NO) fields.
  • The help text for each custom field.
  • The output heading for LISTUSER and LISTGRP listings.
  • The acceptable values for the data in each field based on data type. You can customize several options, including the following:
    • For character fields, you can customize maximum length, restrict the character contents, and allow mixed-case characters.
    • For numeric fields, you can customize maximum value and minimum value.
    • For hexadecimal fields, you can customize the maximum length.

    Your installation can provide additional customization by tailoring exit routines to validate custom field data. For details, see "Custom field validation exit (IRRVAF01)" in z/OS Security Server RACF System Programmer's Guide.

Define custom fields and their attributes for user and group profiles using the RDEFINE command. Each custom field and its attributes is stored in the CFDEF segment of a general resource profile in the CFIELD class. (For details about naming the CFIELD profiles that define your custom fields, see Profiles in the CFIELD class.)

Add custom field data to user and group profiles using the ADDUSER or ALTUSER command for users, or the ADDGROUP or ALTGROUP command for groups. For example, if a custom field named DIVISION is defined at your installation, you might add a division name for a user by issuing the following command:

Example:
ALTUSER ROBIN CSDATA(DIVISION(SALES))

Custom field data in user and group profiles is stored in the CSDATA segment of these profiles. You can list custom field data using the CSDATA keyword of the LISTUSER and LISTGRP commands.

Parent topic: Defining and using custom fields

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014