RACDCERT DELMAP (Delete mapping)

Purpose

Use the RACDCERT DELMAP command to delete a mapping for a user ID.

See UTF-8 and BMP character restrictions for information about how UTF-8 and BMP characters in certificate names and labels are processed by RACDCERT functions.

Issuing options

The following table identifies the eligible options for issuing the RACDCERT DELMAP command:

As a RACF® TSO command?	As a RACF operator command?	With command direction?	With automatic command direction?	From the RACF parameter library?
Yes	No	No. (See rules.)	No. (See rules.)	No
Rules: The following rules apply when issuing this command. The RACDCERT command cannot be directed to a remote system using the AT or ONLYAT keyword. The updates made to the RACF database by RACDCERT are eligible for propagation with automatic direction of application updates based on the RRSFDATA profiles AUTODIRECT.target-node.DIGTMAP.APPL and AUTODIRECT.target-node.DIGTCRIT.APPL, where target-node is the remote node to which the update is to be propagated.

Authorization required

To issue the RACDCERT DELMAP command, you must have the SPECIAL attribute or sufficient authority to the IRR.DIGTCERT.DELMAP resource in the FACILITY class for your intended purpose.

Table 1. Authority required for the RACDCERT DELMAP function
IRR.DIGTCERT.DELMAP
Access level	Purpose
READ	Delete a mapping associated with your own user ID.
UPDATE	Delete a mapping associated with another user ID or MULTIID.

Activating your changes

If the DIGTNMAP or DIGTCRIT class is RACLISTed, refresh the classes to activate your changes.

Example:

SETROPTS RACLIST(DIGTNMAP, DIGTCRIT) REFRESH

Related commands

To define a user ID mapping, see RACDCERT MAP.
To alter a user ID mapping, see RACDCERT ALTMAP.
To list a user ID mapping, see RACDCERT LISTMAP.

The RACDCERT DELMAP command is unrelated to the RACMAP DELMAP command.

Syntax

For the key to the symbols used in the command syntax diagrams, see Syntax of RACF commands and operands. The complete syntax of the RACDCERT DELMAP command is:


RACDCERT DELMAP[(LABEL('label-name'))]
[ID(mapping-owner) \| MULTIID]

If you specify more than one RACDCERT function, only the last specified function is processed. Extraneous keywords that are not related to the function being performed are ignored.

If you do not specify a RACDCERT function, LIST is the default function.

For information on issuing this command as a RACF TSO command, refer to RACF TSO commands.

Parameters

DELMAP

DELMAP(LABEL('label-name'))

Specifying label-name is required if more than one mapping is associated with the user ID. Note that mappings might also be deleted as part of DELUSER processing.

Important: If the user profile for the specified user ID no longer exists and you specify a label name, RACF searches all profiles in the DIGTNMAP class to locate and delete the orphaned DIGTNMAP profile. (An orphaned DIGTNMAP profile might result when a DELUSER command is issued from a downlevel system for a user ID that has an associated mapping.) This search might take an extended period of time.

ID(mapping-owner) | MULTIID

Specifies the user ID associated with the mapping. If you do not specify ID or MULTIID, the default is ID, and mapping-owner defaults to the user ID of the command issuer. If more than one keyword is specified, the last specified keyword is processed and the others are ignored by TSO command parse processing.

ID(mapping-owner): Specifies the user ID associated with the mapping.
MULTIID: Specifies that additional criteria is used to determine the user ID associated with the mapping.

Examples


Example 1	Operation	User RACFADM with SPECIAL authority has been notified that departments BWVB and BWVA have merged. The members of BWVA will be issued new digital certificates.
	Known	User RACFADM has SPECIAL authority.
	Command	`RACDCERT DELMAP(LABEL('BWVA USERS')) ID(BWVAUSR)`
	Output	None.