Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Determining PTKTDATA profile names z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
A PTKTDATA class profile name can consist of one of the
following:
When the profile name consists of the application name and one or two qualifiers, the qualifiers are separated by a period. When a RACF connect group name and a RACF user ID are used as qualifiers, the group name must be appended to the application name and the user ID must be appended to the group name. According to this rule, the name structures in the following list
can be used as profile names in the PTKTDATA class. Any other name
structures will be ignored. In this example, the application name
is TSO1234, the user's current connect group name is SYS1, and the
user ID is IBMUSER:
When PassTicket generation is done by the RACF secured signon PassTicket generation service, only profiles with name structure 4, the unqualified application name, are used. All other name structures are ignored. When PassTicket evaluation occurs, multiple profiles can exist
that fit the particular application, user, and group specification.
When multiple profiles exist, RACF processing
is as follows:
Depending on the application (APPC, CICS®, IMS™, MVS™ batch, TSO, or VM), the secured signon function uses a specific method for determining profile names in the PTKTDATA class. If your application is other than those listed, see Other applications. Note: Check with your system programmer to see if your installation
is using RACF exit ICHRIX01
to modify the application name that RACF uses
during user verification processing. If so, the application name used
to determine the PTKTDATA class profile name for APPC, CICS, IMS, MVS batch, TSO, or VM applications must match
the application name ICHRIX01 selects.
For example, if the ICHRIX01 exit places the character string TSO1234 in the application name position of the exit parameter list, the application name position of the PTKTDATA class profile must also be TSO1234. |
Copyright IBM Corporation 1990, 2014
|