Hi, On the general question of is there a sure-fire way of cloning a userid within RACF, I cannot provide an answer but am able to offer insight I think based on experience with the ADCD and a smattering of knowledge gained in such an environment.
Remember that Userids in RACF belong to Groups and if access authorities to other resources such as ACCTNUM, TSOPROC, JCL, OPE, Data sets etc., are granted at the group level, then any new Userid added to that group automatically picks up the same access authorities. Unfortunately the Userids IBM provided with the ADCD system were granted access to resources at the Userid rather Group level. (Check the Access List for ACCTNUM/ACCT# and a list of Userids prefixed by ADCD will be shown.) This inhibits simple cloning, whereas Group access aids it. One lesson which was given to me by a colleague was to switch from using the ISPF/RACF panels and revert to raw ISPF commands, held in a PDS member and executed via batch TSO. This provides both a visible record of what has been done, and the capability to reproduce the same if required. Kind regards - Terry Terry Sambrooks Director KMS-IT Limited 228 Abbeydale Road South Dore, Sheffield, S17 3LA, UK Tel: +44 (0)114 262 0933 WEB: www.legac-e.co.uk Company Reg: 3767263 at the above address All outgoing E-mail is scanned, but it remains the recipient's responsibility to ensure their system is protected from spy-ware, trojans, viruses, and worms. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
