IBM OS/390 Server User Manual


 
Enable/Disable Changes
OS/390 Version 2 Release 4 has a new product ID that affects the enable/disable
function in all of its elements including the Security Server. The ID() value used in
the IFAPRDxx parmlib member needs to be "5647-A01". The remainder of the
parameters remain the same. Without this necessary change to the ID() parameter,
the Security Server will not initialize. In order to keep from making changes in the
future, you can use the value ID(*). For more information, see
OS/390 Security
Server (RACF) System Programmer's Guide
.
OW26237 Enhancements of Global Access Checking
This enhancement allows RACROUTE REQUEST=AUTH processing to use global
access checking for general resource classes regardless of whether or not the
class has been RACLISTed by either SETROPTS RACLIST or RACROUTE
REQUEST=LIST. Authorization checking using RACROUTE REQUEST=AUTH
searches the global access checking table for a matching entry, ignoring profiles in
the class. If no global access checking table entry matches the search, or if the
access specified in the entry is less than the access being requested, RACF then
searches for a matching profile in the class. With this release of OS/390 Security
Server (RACF), this processing occurs regardless of whether or not the class is
RACLISTed using SETROPTS RACLIST or RACROUTE REQUEST=LIST.
10 OS/390 V2R4.0 Security Server (RACF) Planning: Installation and Migration