Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Scope of a group tree z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
The scope of a group tree includes the following user profiles:
The set of user profiles within scope of a group tree is the same set that applies when you authorize a user with the group-SPECIAL attribute. When you delegate by group tree, the user has authority only to resume user IDs and reset passwords and password phrases. By contrast, when you give a user the group-SPECIAL attribute, the user has full authority over the users within the scope of the group. For this reason, delegating by group tree is usually more appropriate for help desk personnel than authorizing them with the group-SPECIAL attribute. |
Copyright IBM Corporation 1990, 2014
|