z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Steps for adding a dynamic class with a unique POSIT value

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

Perform the following steps in this example to define a new class called PIX2004 that you will administer separately.
  1. Determine a unique POSIT value for the new profile. Evaluate the class entries in the dynamic CDT. Consult your system programmer to evaluate the class entries in the static CDT (modules ICHRRCDE and ICHRRCDX).

    ______________________________________________________________________

  2. Define the new class.
    Example:
    RDEFINE CDT PIX2004 UACC(NONE) 
   CDTINFO(DEFAULTUACC(NONE) FIRST(ALPHA) MAXLENGTH(42) OTHER(ALPHA,SPECIAL) 
   POSIT(303) 
   RACLIST(REQUIRED))
    Investigate any error messages issued by the RDEFINE command; some errors can prevent the class from being added to the dynamic CDT. Use the RALTER command to correct any errors in the profile.
    Tip: If you miss the error messages from the RDEFINE command, you can use the CDTINFO keyword, with no suboperands, on the RALTER command to initiate validation checking of the fields again. For example, to initiate validation for the command in this step, you can execute the following command.
    RALTER CDT PIX2004 CDTINFO
    Validation checking will be performed again, and any error messages will be issued again.

    ______________________________________________________________________

  3. Create the dynamic CDT.
    SETROPTS CLASSACT(CDT) RACLIST(CDT)
    Or, if the dynamic CDT was already active, refresh the dynamic CDT.
    SETROPTS RACLIST(CDT) REFRESH

    Again, investigate any error messages issued by the SETROPTS command because some errors can prevent the class from being added to the dynamic CDT.

    If you do not complete this step before proceeding, you will receive the following message when you execute the RDEFINE commands in Step 4.
    IKJ56702I INVALID CLASS, PIX2004

    ______________________________________________________________________

  4. Define profiles in the new class, as needed.
    Example:
    RDEFINE PIX2004 JANUARY.CATLG  UACC(NONE) 
RDEFINE PIX2004 FEBRUARY.CATLG UACC(NONE)

    ______________________________________________________________________

  5. Activate and RACLIST the new class.
    SETROPTS CLASSACT(PIX2004) RACLIST(PIX2004)

    ______________________________________________________________________

Parent topic: Adding a dynamic class with a unique POSIT value

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014