The getUMAP and getGMAP services also look for default values. If getUMAP is
given a UID as input and the corresponding USER profile has no OMVS segment,
the caller of the getUMAP service receives the default. If no default value is found,
RACF return code 8, reason code 4 are returned by the getUMAP service. If a UID
is passed to getUMAP, then it returns a user ID, which is likely to return the user ID
of the default user.
Similarly, if getGMAP is given a GID as input and the corresponding GROUP profile
has no OMVS segment, the caller of the getGMAP service receives the default. If
no default value is found, RACF return code 8, reason code 4 are returned by the
getGMAP service. If a GID is passed to getGMAP, it returns a group name, which
is likely to return the group name of the default group.
The default OMVS segments reside in a USER profile and a GROUP profile. The
installation selects the names of these profiles, using a profile in the FACILITY
class. The name of the FACILITY class profile is BPX.DEFAULT.USER. The
application data field contains the user ID and the group name. The user profile for
the user ID specified contains the UID, and the group profile for the group name
specified contains the GID.
In order to use this default USER/GROUP support, the following need to be done:
Make the FACILITY class active.
Define BPX.DEFAULT.USER with APPLDATA('
uuuu/gggg
') where
uuuu
specifies a default user ID of 1-8 characters and
gggg
specifies a default group
name of 1-8 characters. The USER profile
uuuu
needs to have an OMVS
segment with the default UID, HOME, and PROGRAM. The GROUP profile
gggg
needs to have an OMVS segment giving the default GID.
If only default user information is needed, use APPLDATA ('
uuuu
').
The processing of the default OMVS segments for the user and the current
connection group are independent of each other. The OMVS segment of the user
specified on the initUSP may be used to obtain the UID, and the user may come
from the group ID specified in the FACILITY class profile. Similarly, when the
default UID found through the user ID specified in the FACILITY class profile is
used, the GID may come from the user's current connect group. Also the user
specified in the FACILITY class profile does not need to be a member of the group
specified in that profile. These values are used independently.
Run-Time Library Services
The Run-Time Library Services (RTLS) of OS/390 introduce new contents
supervisor support to facilitate the binding of applications to a specific language
run-time environment defined on an installation basis. System programmers can
use FACILITY class profiles and RACF's program control when there is a need to
control access to run-time libraries and the programs that use the run-time libraries.
Password History Enhancements
The password history enhancement makes it easier for installations to prevent end
users from circumventing password history security policy. The old password is
saved in the password history list when a password is reset by an administrator.
The following commands have been modified to save the old password whenever
the password is reset:
Chapter 2. Release Overview 7