RACDCERT LISTMAP (List mapping)
Purpose
Use the RACDCERT LISTMAP command to display information about the specified mapping, or all mappings, for a user ID.
See UTF-8 and BMP character restrictions for information about how UTF-8 and BMP characters in certificate names are displayed using RACDCERT functions.
Issuing options
| As a RACF® TSO command? | As a RACF operator command? | With command direction? | With automatic command direction? | From the RACF parameter library? |
|---|---|---|---|---|
| Yes | No | No. (See rules.) | No. (See rules.) | No |
- The RACDCERT command cannot be directed to a remote system using the AT or ONLYAT keyword.
- The updates made to the RACF database by RACDCERT are eligible for propagation with automatic direction of application updates based on the RRSFDATA profiles AUTODIRECT.target-node.DIGTMAP.APPL and AUTODIRECT.target-node.DIGTCRIT.APPL, where target-node is the remote node to which the update is to be propagated.
Authorization required
| IRR.DIGTCERT.LISTMAP | |
|---|---|
| Access level | Purpose |
| READ | List mapping information associated with your own user ID. |
| UPDATE | List mapping information associated with another user ID or MULTIID. |
Related commands
- To define a user ID mapping, see RACDCERT MAP.
- To alter a user ID mapping, see RACDCERT ALTMAP.
- To delete a user ID mapping, see RACDCERT DELMAP.
The RACDCERT LISTMAP command is unrelated to the RACMAP LISTMAP command.
Syntax
For the key to the symbols used in the command syntax diagrams, see Syntax of RACF commands and operands. The complete syntax of the RACDCERT LISTMAP command is:
|
If you specify more than one RACDCERT function, only the last specified function is processed. Extraneous keywords that are not related to the function being performed are ignored.
If you do not specify a RACDCERT function, LIST is the default function.
For information on issuing this command as a RACF TSO command, refer to RACF TSO commands.
Parameters
- LISTMAP
- LISTMAP(LABEL('label-name'))
- Tip: Omit
LABEL to list all mappings associated with the specified user ID. If the mapping cannot be listed because the DIGTNMAP profile containing it is missing or incomplete, the following error text appears in the LISTMAP output:
Filter with label label-name not found.Guideline: When this error text appears in the LISTMAP output, issue a RACDCERT DELMAP command specifying this label name to remove residual filter information from the user's profile.
A missing or incomplete DIGTNMAP profile might result if a previous RACDCERT command failed to complete due to a system failure or early termination by the issuer. If the mapping or DIGTNMAP profile were not created before the failure, the resulting user profile might contain residual filter information indicating that the user ID is associated with a mapping.
- ID(mapping-owner) | MULTIID
- Specifies the user ID associated with the mapping. If you do not
specify ID or MULTIID, the default is ID, and mapping-owner defaults
to the user ID of the command issuer. If more than one keyword is
specified, the last specified keyword is processed and the others
are ignored by TSO command parse processing.
- ID(mapping-owner)
- Specifies the user ID associated with the mapping.
- MULTIID
- Specifies that additional criteria is used to determine the user ID associated with the mapping.
Examples
|
Mapping information for user NET1ID:
Label: General Internet ID Map
Status: TRUST
Issuer's Name Filter:
>OU=Internet Demo CertAuth.O=BobsMart Software Inc.L=Internet<
Subject's Name Filter:
>L=Internet< Mapping information for MULTIID:
Label: NewAPPL ID Mapping
Status: TRUST
Issuer's Name Filter:
>OU=Class 1 Public Primary Certification Authority.O=VeriSign, Inc..C=<
>US<
Subject's Name Filter:
><
Criteria:
APPLID=&APPLID