The following example illustrates how automatic direction of commands
works:
- Suppose:
- NODE1, NODE2, and NODE3 are RRSF nodes that are operative targets
of each other.
- NODE2 and NODE3 have automatic command direction activated between
them with the following RRSFDATA class profiles:
- On NODE2: AUTODIRECT.NODE3.* with UACC(READ)
- On NODE3: AUTODIRECT.NODE2.* with UACC(READ)
- CHARLIE2 exists on NODE2 and NODE3, but with no user ID association
between nodes.
- CHARLIE2 on NODE2 issues the following command:
ADDUSER PREMA
- On NODE2, the ADDUSER PREMA command runs under the authority of
CHARLIE2.
- After the ADDUSER PREMA command runs successfully (under the authority
of CHARLIE2 at NODE2), it is automatically directed to NODE3.CHARLIE2.
- At NODE3, the ADDUSER PREMA command runs under the authority of
CHARLIE2.
Note: - The ADDUSER PREMA command is not automatically directed to NODE1.CHARLIE2
because there is no profile protecting the resource AUTODIRECT.NODE1.USER.ADDUSER.
- The destination of notification and output from the ADDUSER PREMA
command that ran on NODE3 is determined by what was specified on SET
AUTODIRECT command issued on NODE3.
- Once the ADDUSER PREMA command runs on NODE3, it is not automatically
directed back to NODE2. RACF® detects
that the command was already automatically directed, and does not
further send it to any other nodes.
z/OS Security Server RACF Security Administrator's Guide
Copyright IBM Corporation 1990, 2014