You can control the use of most RACF® remote sharing facility (RRSF) functions through profiles in the RRSFDATA class.

When you set up RRSF, you need to think on a network level, rather than on a node level. For example, suppose users can't define associations or synchronize passwords on NODE1, but they can on NODE2. Susan has user IDs on NODE1 and NODE2. On NODE2, she can create an association with her NODE1 user ID and synchronize password changes she makes on NODE2 with her NODE1 user ID. She gets an association on NODE1 even though NODE1 doesn't allow her to set them up, and gets one-way password synchronization to her NODE1 user ID, even though NODE1 doesn't allow password synchronization.