Controlling automatic direction of passwords

Profiles in the RRSFDATA class control which passwords and password phrases get automatically directed to which nodes. The format for the resource names are any of the following:

AUTODIRECT.target-node.USER.PWSYNC
AUTODIRECT.target-node.USER.PHRSSYNC

where:

target-node: Is the remote node where the command is to be directed

These profiles provide security for automatic password direction. An authorization check is made against these resource names to determine if the user's password and password phrase can be synchronized automatically. The password and password phrase change is directed to the remote node if:

SET AUTOPWD is in effect.
The RRSFDATA class has been activated.
There is a profile to cover any of the resources that control automatic password direction.
The user changing the password or password phrase has at least READ access to that resource.

You can use generic profiles to define these profiles. If the RRSFDATA class is inactive or if there is no RRSFDATA profile for automatic password direction, password and password phrase changes are not directed automatically.

The RRSFDATA profiles for automatic password direction are checked only on the node where the password is originally changed. Once the password or password phrase change is directed to another node, no authorization check is made on the receiving node.