z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Activating LDAP change notification

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

To activate LDAP change notification, define RACFEVNT class resources for the notifications you want and then activate the RACFEVNT class. (You need not define resources in the LDAPBIND class to enable LDAP change notifications.)

  1. Define the RACFEVNT class resources for the LDAP notifications you want by creating one or more discrete profiles or by creating a generic profile.

    There are two ways you might activate all supported LDAP notification types: defining multiple discrete profiles or defining one generic profile. Otherwise, define a subset of resources based on the LDAP notifications you want.

    Example showing multiple discrete profiles:
    RDEFINE RACFEVNT NOTIFY.LDAP.USER
RDEFINE RACFEVNT NOTIFY.LDAP.GROUP
RDEFINE RACFEVNT NOTIFY.LDAP.CONNECT
RDEFINE RACFEVNT NOTIFY.LDAP.FACILITY
    Example showing a generic profile:
    SETROPTS GENERIC(RACFEVNT)
RDEFINE RACFEVNT NOTIFY.LDAP.*

    You might also define a generic profile to activate multiple general resource classes. The following example activates the JES-related classes called JESINPUT, JESJOBS, and JESSPOOL.

    Example:
    SETROPTS GENERIC(RACFEVNT)
RDEFINE RACFEVNT NOTIFY.LDAP.JES*
  2. Activate the RACFEVNT class and optionally RACLIST it to improve performance.
    SETROPTS CLASSACT(RACFEVNT) RACLIST(RACFEVNT)
Parent topic: LDAP event notification

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014