The task of building a RACF user profile (or their equivalents in the CA
products) is not that difficult even without the use of add on products.
A previous post provided a method to search through the IRRDBU00
output file to build a series of commands. I concocted something quite
similar during a TS to RACF conversion some years ago. In that scenario
I had to use the TS db unload as the basis to build RACF commands to
build users, groups, and various resource profiles. No biggie, and the
previous cited example is fine enough for the job.
An easier approach, IMHO, is to construct the series of commands, by
whatever means, execute them to build the ID, then save them in a PDS
member or any type of file. Inevitably, more requests come in and then
it's a simple matter of copying the saved set of commands, executing
them, and you're done.
When I started in security administration way back when, it occurred to
me that every command(s) is a 1 line (or more) clist. I then started to
save everything unique that I ever did, security related, in a series of
members. When a request came in I found a like type member, modified it
and ran it.
Obviously some ISPF editing skill is required but the OP sounded like he
has plenty of that based on his questions. Once I had the add on
products I became spoiled instantly, however those products are
expensive so any RYO solution can be attractive.
On 1/17/2014 9:29 AM, Mark Zelden wrote:
I grew up on MVS (SP 1.3) with ACF2. It was the very first thing I ever
installed and implemented on an MVS system as a new sysprog (only
had OS passwords before that).
When I was finally exposed to RACF at a different shop 6 years later
(around 1991) I was surprised that there was no way to model an ID after
another ID. Here we are 20+ years later and there is still no
way to do it without products like Vanguard or BETA88. :-(
--
Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS
ITIL v3 Foundation Certified
mailto:[email protected]
Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html
Systems Programming expert at http://search390.techtarget.com/ateExperts/
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
