z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Defining applications as RACF users

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

Each NDS and Lotus Notes for z/OS server must be defined as a RACF® user, if not already defined. It can run as a job or a started procedure.

The following example shows RACF user IDs (LOTUS09 and NDS14, respectively) being defined for a Lotus Notes for z/OS server and a Novell Directory Services for OS/390 server. The user IDs are members of a RACF user group called MAPGRP, and the owner for all profiles is MAPADM.
ADDGROUP MAPGRP  OWNER(MAPADM)
ADDUSER  LOTUS09 GROUP(MAPGRP) OWNER(MAPADM)
ADDUSER  NDS14   GROUP(MAPGRP) OWNER(MAPADM)
If the application server executes as a batch job, the RACF user ID that is added is the user ID associated with the batch job. If the server executes as a started procedure, you must assign a RACF user ID using one of the following methods:
  • Add the procedure name as an entry in the STARTED class. (This is the preferred method.)
  • Add the procedure name in the RACF started procedure table (ICHRIN03), unless this table has already been modified by your installation to contain a generic entry.

In addition, you should assign the PROTECTED attribute to the user IDs that you associate with application servers. For more information, see Assigning RACF user IDs to started procedures.

Parent topic: Authorizing applications to use identity mapping

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014