Listing information from RACF profiles

You can list the contents of profiles by using the LIST commands, as shown in Table 1.

Command output is in line mode unless you use ISPF panels. To capture the output of RACF® commands, do the following:

Use the TSO session manager to scroll through the output.
Submit a batch TMP job that issues RACF commands and save the held output.

As an alternative to the LIST commands, you can obtain this information from the output of the database unload utility, IRRDBU00. See Using the database unload utility output effectively.

Table 1. Commands to list profile contents
Command	Function
LISTDSD	Lists the contents of data set profiles and lets you determine which generic profile applies to a particular data set. The listing shows: Owner of the profile UACC Date the profile was created Users and groups that are authorized to access the data set Your highest access authority to the data set the security label (if there is one), and other information Other information See z/OS Security Server RACF Command Language Reference for a complete description of this listing.
LISTGRP	Lists the contents of group profiles. The listing shows: Owner of the group profile Superior group name Users connected to the group Subgroup names Other information See z/OS Security Server RACF Command Language Reference for a complete description of this listing.
LISTUSER	Lists the contents of user profiles. The listing shows: Owner of the profile User name Default group name Groups that a user is connected to Group authorities Date the password or password phrase was last changed Default security label Other information See z/OS Security Server RACF Command Language Reference for a complete description of this listing.
RACDCERT LIST	Lists digital certificate information. For each digital certificate, the listing shows: Serial number Issuer's distinguished name Status information Up to 256 bytes of the subject's name Label Validity information Key information Other information For an example of this listing, see Figure 1.
RACDCERT LISTRING	Lists key ring information. For each digital certificate in the ring, the listing shows: Ring name Label assigned to the certificate Owner of the certificate (ID(`name`), CERTAUTH or SITE) Usage within the ring Other information For an example of this listing, see Figure 2.
RACDCERT LISTMAP	Lists certificate name filter information. For each filter, the listing shows: Label assigned to the certificate name filter Trust status Issuer's name filter, if applicable Subject's name filter, if applicable Criteria information, if applicable For examples of this listing, see Figure 1 and Figure 2.
RACLINK LIST	Lists user ID associations. For each association, the listing shows: Type of association Node and user ID Whether password synchronization is enabled Status of the association For an example of this listing, see Listing user ID associations.
RACMAP LIST	Lists distributed identity filter information. For each filter, the listing shows: Label assigned to the distributed identity filter The distributed identity's user name Registry name For examples of this listing, see Distributed identity filters.
RLIST	Lists the contents of profiles for general resources such as tape volumes, DASD volumes, IMS™ transactions, and terminals. The listing shows: Owner of the profile UACC Date the profile was created Users and groups that are authorized to access the resource Your highest access authority to the resource Security label Other information See z/OS Security Server RACF Command Language Reference for a complete description of this listing.