If you have a DASD problem or have a need for offline diagnosis of the RRSF VSAM data sets, RACF® has an APF-authorized utility called IRRBRW00 that allows you to dump the RACF data contained within the VSAM data sets. Because this utility provides the capability to dump sensitive RACF data such as RACF command text and returned output, be careful to control access to this utility.

To prevent inadvertent disclosure of the data in the VSAM data sets, RACF requires that a user obtain read access to the resource name IRRBRW00 in the RRSFDATA class so the IRRBRW00 utility can be run. If the class is not active or no profile is defined, the user is denied access to run the utility. The user also needs RACF access to the VSAM data set to be dumped. VSAM data sets can be protected by using profiles in the DATASET class. See for more information about data set names.

To ensure the integrity of the data in these files, set up these profiles and limit the access to only those with a need. You can use the RACF TARGET command to determine the VSAM data set names being used by the RACF remote sharing facility.

The IRRBRW00 utility is provided for diagnostic purposes only. For complete instructions on running IRRBRW00, see the RACJCL member of SYS1.SAMPLIB and read the IRRBRW00 sample.