Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Controlling automatic direction of application updates z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
Profiles, including generic profiles, in the RRSFDATA class control
which application updates get automatically directed to which nodes.
The format for the resource names for USER, GROUP, class descriptor
table (CDT) classes, and some DATASET updates is:
where:
The formats when you are using this syntax for automatic direction
of application updates in the DATASET class are:
where:
Use AUTODIRECT.target-node.DATASET.APPL to control automatic direction of application updates for DATASET when the request is RACROUTE REQUEST=EXTRACT, RACXTRT, or ICHEINTY. Use AUTODASD when:
Use AUTOTAPE when:
These profiles provide security for automatic direction of application
updates. An authorization check is made against these resource names
to determine if the user is allowed to make these updates. The application
updates are directed to the remote node if:
The RRSFDATA profile that protects AUTODIRECT.target-node.classname.APPL, AUTODASD.target-node.DATASET.APPL, or AUTOTAPE.target-node.DATASET.APPL is only checked on the node where the update originates. Once the update is propagated to another node, no AUTODIRECT authorization check is made on the receiving node. When automatic direction of application updates is enabled, private key information is not propagated. For more information, see Suppression of private key information propagation. |
Copyright IBM Corporation 1990, 2014
|