Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Permitting access to the IRR.RUSERMAP resource z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
Authorization to use the identity mapping service (IRRSIM00) is controlled through a RACF® general resource called IRR.RUSERMAP in the FACILITY class. You must define a profile to protect this resource and permit application user IDs to access the resource with READ authority. Important: Make sure an existing generic profile in the FACILITY class does not inadvertently grant this authority by default. Create a profile to protect the IRR.RUSERMAP resource with UACC(NONE) until you determine which applications require identity mapping. The following example protects the IRR.RUSERMAP resource in the
FACILITY class with UACC(NONE) and authorizes the group of application
servers called MAPGRP to use identity mapping.
|
Copyright IBM Corporation 1990, 2014
|