Frank Swarbrick wrote: >Is z/OS still limited in all cases to 8 upper case characters?
No. The IBM Directory Server for z/OS supports more than 8 upper case character user IDs. That's a standard, included, IBM supported feature in the base z/OS operating system. Bob Bridges wrote: >MQ, TSO, CICS, IMS - whatever the environment, the ID has to be >authenticated by RACF (or ACF2, or TSS). Not as you've written it, no, that's not correct. First of all, user authentication isn't necessarily required. However, I and many others argue that these systems should at least be authorizing user requests. TSO/E, yes, that subsystem supports user IDs up to a maximum of 8 characters. Otherwise, I know that MQ for z/OS and CICS Transaction Server for z/OS can authenticate users via LDAP (ideally the IBM Directory Server for z/OS) at least in certain contexts. See here for example: https://www.ibm.com/support/knowledgecenter/SSFKSJ_9.1.0/com.ibm.mq.sec.doc/q127976_.htm I would have to dig a little deeper with respect to IMS if anyone is interested. Interestingly even the "classic" 3270 z/VSE sign on screen supports "long" user ID authentication via LDAP-based sign on, although it requires "mapping" to a short user ID under the covers: https://www.ibm.com/support/knowledgecenter/SSB27H_6.2.0/fa2ad_ovw_ldap_sign-on_process.html Users don't really have to know all that, though. They just sign on with LDAP user ID "AliceCooper1990" (or whatever). Maybe somebody would like to submit a Request for Enhancement (RFE) for something similar with TSO/E? I don't think IBM provides a "stock" sign on screen with z/OS that'll do this. - - - - - - - - - - Timothy Sipples I.T. Architect Executive Digital Asset & Other Industry Solutions IBM Z & LinuxONE - - - - - - - - - - E-Mail: [email protected] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
