z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


The RACF remote sharing facility (RRSF)

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

This topic describes aspects of the RACF® remote sharing facility (RRSF) that security administrators should be aware of.

The RACF remote sharing facility allows RACF to communicate with other MVS™ systems that use RACF, allowing you to maintain remote RACF databases. RRSF extends the RACF operating environment beyond the traditional single host and shared DASD environments, to an environment made up of RRSF nodes that are capable of communicating with one another. This support provides administration of multiple RACF databases from anywhere in the RRSF network.

Benefits of RRSF support for the security administrator include:
  • Administration from anywhere in the RRSF network.

    With RRSF, a security administrator logged on to one system in the RRSF network can direct allowed RACF TSO commands to remote RRSF nodes in the RRSF network. Administration of all the RACF systems in the RRSF network can take place from a single point of control.

  • User ID associations.

    By supporting user ID associations and password synchronization, RRSF gives users with multiple user IDs the option of keeping their user ID passwords automatically synchronized across multiple systems.

  • Automatic synchronization of databases. With automatic direction, RACF can keep databases synchronized automatically. When a command or application updates a database, RACF can automatically make the change to other databases.

RACF supports APPC and TCP/IP as network protocols that are used to connect one RRSF node to another. Your programmer determines which protocols are used. Your RRSF network might consist of any combination of APPC and TCP/IP node connections.

Using TCP/IP connections for RRSF nodes provides advantages over APPC such as improved overall security, including the availability of stronger encryption levels.

When your programmer implements TCP/IP for RRSF node connections, you must issue RACF commands to allow TCP/IP communication to take place between RRSF nodes. For instructions, see Establishing RACF security for RRSF TCP/IP connections.

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014