Yes, this will work in RACF:
If using RACF, when you define the user as LOGONBY, it can by default no longer be logged on to with its own password (what is normally what you'd want). But, with an extra command you can restore that possibility: 1. Define TERRY as LOGONBY RAC RDEFINE SURROGAT LOGONBY.TERRY UACC(NONE) 2. Reset the PERMIT RACF created for the command issuer RAC PERMIT LOGONBY.TERRY CLASS(SURROGAT) RESET 3. Allow users/groups to use this LOGONBY to TERRY RAC PERMIT LOGONBY.TERRY CLASS(SURROGAT) ID(user/group) ACCESS(READ) 4. (optional) Make it possible to logon to TERRY with its own password RAC PERMIT LOGONBY.TERRY CLASS(SURROGAT) ID(TERRY) ACCESS(ALTER) Thank You, Terry Martin Lockheed Martin - Information Technology z/OS & z/VM Systems - Performance and Tuning Cell - 443 632-4191 Work - 410 786-0386 [email protected] <mailto:[email protected]> ________________________________ From: The IBM z/VM Operating System [mailto:[email protected]] On Behalf Of Schuh, Richard Sent: Wednesday, June 10, 2009 2:21 PM To: [email protected] Subject: Re: LOGONBY 8 user limitation If you were using VM:Secure, you would do it via the Rules Facility. Is there anything equivalent in RACF? Regards, Richard Schuh ________________________________ From: The IBM z/VM Operating System [mailto:[email protected]] On Behalf Of Dave Keeton Sent: Wednesday, June 10, 2009 9:52 AM To: [email protected] Subject: LOGONBY 8 user limitation I'm trying to determine if RACF will allow me to bypass the 8 user limitation imposed with the LOGONBY attribute of the USER DIRECT entry. I need to add operations staff to a virtual machine so they can respond to messages and other tasks. I need to allow 16 users, so I'm trying to figure out how to accomplish this. Thanks, Dave
