Summary of rules for automatic direction of commands

Here is the processing flow of checks that are made to determine whether or not a command should be automatically directed:

When a command is issued:
- If AT is not specified, the command runs on the local node in the user's address space.
- If AT is specified, the command runs in the RACF® subsystem address space of the specified local or remote node.
- If appropriate, automatic direction of commands occurs from the node where the command executed.
The command is not automatically directed if any of these is true:
1. Automatic direction of commands is inactive.
2. The command return code is greater than 4.
3. The command has already been automatically directed.
4. The command is ineligible for automatic direction of commands. See Using automatic direction of commands for more information.
5. The RRSFDATA class is INACTIVE.
6. The RRSFDATA class is ACTIVE and an AUTODIRECT profile covering that command does not exist.
For each remote target node, the following occurs:
1. If the command issuer does not have at least READ authorization to RRSFDATA profile AUTODIRECT.target-node.classname.command-name, the command is not automatically directed to this node
2. If the command has passed all checks so far, it is sent to execute on the remote node under the authority of the same-named user ID on the remote node. The user ID is the user ID under which the command executed, which is not necessarily the command issuer (if the command was directed and then automatically directed, for example).
  For example, a command issued by and executed on LAURIE at NODE1 is automatically directed to LAURIE at NODE2. A command issued by LAURIE specifying AT(NODE2.ANDREW) is automatically directed to ANDREW at NODE1. No authorization check with the AUTODIRECT profiles is made on the receiving node.