z/OS Security Server RACF Security Administrator's Guide


Administering security when a z/VM system shares the RACF database

SA23-2289-00

The Security Server can be installed and run only on z/OS systems. However, your installation can share the RACF® database with a z/VM® system on which RACF for z/VM is running. A RACF database that is shared with a z/VM system can contain information about users and resources that is relevant only to that z/VM system. Although you can perform some RACF administration tasks for your z/VM system using commands you issue on z/OS, this publication library does not describe those tasks. For complete information about administering RACF on z/VM, see the applicable RACF document in the z/VM library.

If your installation shares the RACF database with a z/VM system, administration of OpenExtensions for z/VM users and groups can be performed from your z/OS system. Note that changing OpenExtensions user identifiers (UIDs) and group identifiers (GIDs) creates corresponding updates in the VMPOSIX class profiles.

Restriction: If the shared RACF database is at application identity mapping (AIM) stage 1 or higher, do not use the z/VM system to do the following tasks:
  • Run a RACF utility.
  • Delete a USER or GROUP profile that contains an OMVS segment.
  • Delete a general resource profile that contains an ALIAS segment (for example, any SERVAUTH class profile).

Deleting such profiles from the z/VM system will leave residual profile information in the shared RACF database that will cause inconsistencies with AIM processing. This might require you to recreate some profiles as part of a profile recovery action. For details, see "Recovering from errors with application identity mapping" in z/OS Security Server RACF System Programmer's Guide.





Copyright IBM Corporation 1990, 2014