Automatically assigning unique IDs using RACF commands

RACF® can automatically generate a unique ID value in the OMVS segment of a user or group upon your request. Do this by defining a profile called BPX.NEXT.USER in the FACILITY class (see Setting up the BPX.NEXT.USER profile) and then specifying the following command options:

OMVS(AUTOUID) option of the ADDUSER and ALTUSER commands
OMVS(AUTOGID) option of the ADDGROUP and ALTGROUP commands

Examples:

ADDUSER  MARCY    OMVS(HOME(/u/marcy) PROGRAM(/bin/sh) AUTOUID)
ALTUSER  COLDEN   OMVS(AUTOUID)
ADDGROUP DACKS    OMVS(AUTOGID)
ALTGROUP FORTY6RS OMVS(AUTOGID)

Upon successful command completion, informational message IRR52177I is issued to indicate the assigned value.

Example:

IRR52177I User MARCY was assigned an OMVS UID value of 5344.

For the ALTUSER and ALTGROUP commands, the AUTOUID and AUTOGID options cannot be used to change the ID value if one exists for the user. However, it is not considered an error if the existing ID is unique, meaning it is not shared. If it is not unique, the command fails and message IRR52178I is issued.

If you attempt to use the AUTOUID or AUTOGID option with a list of users or groups, the command will fail with message IRR52184I being issued.

Example (incorrect):

ADDUSER (TOM DICK HARRY) OMVS(AUTOUID)

Notes®:

The RACF database must be at least at stage 2 of application identity mapping (AIM).
Implementing SHARED.IDS and BPX.NEXT.USER is a prerequisite to successful automatic assignment of unique UNIX identities.
The AUTOUID and AUTOGID operands cannot be specified with the SHARED operand. Doing so results in command failure and message IRR52186I being issued.
AUTOUID is ignored if UID or NOUID is specified.
AUTOGID is ignored if GID or NOGID is specified.

For more information on these commands, refer to the z/OS Security Server RACF Command Language Reference.