Address Enterprise priorities of performance, cost, and security. Stand-out leadership, accelerate skills development, and achieve career goals using 30 years of effective and proven mainframe training experience.
- This event has passed.
RACF Administration & Auditing
July 29, 2019 - August 1, 2019$3400
This four-day, hands-on class is the definitive RACF course for technicians and administrators. The course, designed and written by RACF specialists, is regularly revised and updated to match developments in the RACF and z/OS environments.
It introduces and explains the concepts, terminology, commands, and procedures involved in administering and auditing RACF. All major aspects of day-to-day RACF administration and auditing are covered.
To ensure full understanding, a number of realistic practical exercises are performed during this course.
This course is also available for one-company, on-site presentations and for live presentation over the Internet, via the Virtual Classroom Environment service.
- Headphones with a microphone.
- Sufficient bandwidth, at least 1.5 Mb/s in each direction.
The next step
For RACF Administrators the next recommended course would be the two-day RACF: Advanced Administration course.
For Sytems Programmers, the next course is the three-day RACF for z/OS Systems Programmers course.
What do I need?
- headphones with microphone
- sufficient bandwidth, at least 1.5 Mb/s in each direction.
On successful completion of this course you will be able to:
- Explain the need for security in business information systems
- Describe how RACF meets business information systems security needs
- Design a group structure to meet their installation’s requirements
- Explain & use RACF commands
- Describe the effect of the various group profile related parameters
- Explain the management and use of the various non-RACF segments in user profiles
- Connect users to groups and manage the assigned group authorities
- Use the dataset related commands to manage both discrete and generic profiles
- Manage general resources
- Use and explain the operation of the basic setropts management commands
- Use and interpret the output of the Data Security Monitor
- Use the database unload utility, cross reference utility, remove id utility, database verification utility, database split/merge/extend utility, and the database block update utility
- Run and interpret auditing reports.
Who Should Attend?
RACF Administrators and Auditors, Systems Programmers and any other technicians requiring a knowledge of RACF administration principles and practices.
Attendees should have a clear understanding of z/OS at a conceptual and practical level. A working knowledge of TSO/ISPF and JCL is also required.
Fee (per attendee)
Introduction to RACF
What is RACF?; Why do we need security?; Security in the ‘old days’; Security these days; What security do we need?; Where are the dangers?; How can RACF help?; RACF profiles; How RACF operates; The RACF database; Multiple data set database; Resource classes.
The RACF Manuals
The manual library; RACF Security Administrators’ Guide; RACF features; z/OS features; Other products; Related non-RACF manuals; RACF command language reference; BookManager and Adobe pdf.
Planning for Security
The Security Policy; Resource ownership; How to protect resources?; Grouping resources and users; Document the plan.
What are Groups?; Why have Groups?; Users and Groups; The initial group structure; The Group Hierarchy; System Special and Group Special; Group Profile ownership; Group connections.
The RACF Commands
Entering RACF commands; RACF commands and the manuals; Entering RACF commands in batch; Entering commands via a CLIST; Online Help.
Defining RACF Groups
Group profile commands; Basic ADDGROUP; Specifying the SUPerior GROUP & OWNER; Other ADDGROUP parameters; Non-RACF segments – DFP, z/OS and zVM; Full ADDGROUP syntax; Full ALTGROUP syntax; Full LISTGRP syntax; LISTGRP output; Full DELGROUP syntax; Group command authority; SEARCH command.
User profile commands; Basic ADDUSER; Specifying the default group; Group authority; Class authority; RACF authorities; RACF attributes; Security levels and security categories; Security level checking; Security category checking; Security labels; Other ADDUSER parameters; Non-RACF segments; Full ADDUSER syntax; Basic ALTUSER; ALTUSER-only parameters; Full LISTUSER syntax; LISTUSER output; Full DELUSER syntax; User command authority; Basic PASSWORD; Changing other users’ passwords; Full syntax of PASSWORD; Password command authority.
Connecting Users to Groups
Connect and Remove Commands; Basic CONNECT; Full CONNECT Syntax; Basic REMOVE; Full REMOVE Syntax; Connect/Remove command authority.
Dataset profile commands; Basic ADDSD; Discrete data set profiles; Discrete profile parameters; Generic data set profiles; Generic wildcard characters – %; Generic wildcard characters – *; Generic wildcard characters – **; Specifying data set attributes; Access levels; Auditing access attempts; Profile copying; Security level & category checking; Other profile attributes; Full ADDSD syntax; Basic ALTDSD; ALTDSD-only parameters; Full ALTDSD syntax; Basic LISTDSD; Listing many data set profiles; Listing generic or discrete profiles; Specifying what to list; Full LISTDSD syntax; LISTDSD output; Full DELDSD syntax; Data set command authority; Basic PERMIT; Conditional access lists; Permitting many users access; Removing users and groups; Deleting access lists; Full PERMIT syntax; PERMIT command authority; SETROPTS REFRESH GENERIC(data set); SEARCH command basics; SEARCH control parameters; The FILTER & MASK parameters.
General Resource Profiles
General resource profile commands; Basic RDEFINE; Common RDEFINE parameters; Adding additional profile information; When the class is CONSOLE; When the class is OPERCMDS; When the class is CDT; When the class is SURROGAT; The Started Task Table; Using ICHRIN03; Using the STARTED class; When the class is TAPEVOL; Full RDEFINE syntax; Resource grouping classes; Protecting CICS transactions; Protecting load modules; Protecting SDSF; Basic RALTER; RALTER-only parameters; Full RALTER syntax; Basic RLIST; Common RLIST parameters; Listing Non-RACF segments; Special RLIST features; Full RLIST syntax; RLIST output; Full RDELETE syntax; Remember PERMIT?; General resource command authority; The Global Access Checking table; In-storage profiles; In-storage profile parameters.
Auditing RACF; Auditor parameters; RACF Report Writer; Basic RACFRW commands; Full RACFRW syntax; Full SELECT syntax; Basic EVENT command; Full EVENT syntax; Full LIST syntax; RACFRW output example; Full SUMMARY syntax; RACF SMF data Unload utility; SMF Unload utility JCL; Using the unloaded RACF SMF data; Processing the RACF SMF data with DB2; Other reporting tools; The Data Security Monitor; The System & Group Tree Reports; Program Properties & Auth Caller Table Reports; Class Descriptor Table & RACF Exits Report; Global Access Table Report; Started Procedures Table Report; Selected User Attribute Reports; Selected Data Sets Report.
RACF Utility Programs
The database unload utility; The database cross-reference utility; The database cross-reference utility output; The RACF remove ID utility; The database verification utility; The database split/merge/extend utility; The database block-update utility command.
The above are samples for course descriptions, objectives, content, and pre-requisites. Each virtual classroom course is a minimum of 3 participants and a maximum of 6 participants. Fifteen (15) day confirmation notice is required for public courses or thirty (30) day confirmation notice for private courses before the start of the course. The schedule and cost are tentative and subject to confirmation based on your actual requirements. For price, availability, and confirmation, please contact us.
Online orders are not refunded within fifteen (15) day for public courses or thirty (30) day for private courses prior to the starting date. A 5% administration fee will be charged for course cancelation or change.