By using our website you agree to our use of cookies.

RACF Administration and Auditing

4 Day Course
Hands On
Official IBM Curriculum
Code R1MRFAGB

Book Now - 1 Delivery Method Available:

Classroom Virtual Classroom Private Group - Virtual Self-Paced Online

Overview

It introduces the concepts, terminology, commands, and procedures involved in administering and auditing RACF. All major aspects of day-to-day RACF administration and auditing are covered.

This course is suitable for RACF Administrators and Auditors, Systems Programmers and any other technicians requiring a knowledge of RACF administration principles and practices.

On successful completion of this course, attendees will be able to:

  • Explain the need for security in business information systems
  • Describe how RACF meets business information systems security needs
  • Design a group structure to meet their installation’s requirements
  • Explain & use RACF commands
  • Describe the effect of the various group profile related parameters
  • Explain the management and use of the various non-RACF segments in user profiles
  • Connect users to groups and manage the assigned group authorities
  • Use the dataset related commands to manage both discrete and generic profiles
  • Manage general resources
  • Use and explain the operation of the setropts management commands Use and interpret the output of the Data Security Monitor
  • Use the database unload utility, cross reference utility, remove id utility, database verification utility,
  • Database split/merge/extend utility, and the database block update utility.
View detailed Course Modules

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.

Modules

Hide all

Introduction (1 topic)

  • What is RACF?; Why do we need Security?; Security in the Old Days; Security These Days; What security do we need?; Where are the dangers?; How can RACF help?; RACF Profiles; How RACF operates; The RACF Database; Resource Classes.

The RACF Manuals (1 topic)

  • The Manual Library; RACF Security Administrators Guide; RACF Command Language Reference; BookManager.

Planning for security (1 topic)

  • The Security Policy; Resource Ownership; How to protect Resources?; Grouping Resources and Users; Document the Plan.

Group structure (1 topic)

  • What are Groups?; Why have Groups?; Users and Groups; The Initial Group Structure; The Group Hierarchy; System Special and Group Special; Group Profile Ownership; Group Connections.

The RACF commands (1 topic)

  • Entering RACF Commands; RACF Commands and the Manuals; Entering RACF Commands in Batch; Online Help.

Defining RACF Groups (1 topic)

  • Group Profile Commands; Basic ADDGROUP; Specifying the Superior Group & Owner; Dataset Profile Modeling; RACF Remote Sharing Parameters; Other ADDGROUP Parameters; Non-RACF Segments - DFP, OMVS and OVM; Non-RACF Segments - TME; Full ADDGROUP Syntax; Full ALTGROUP Syntax; Full LISTGRP Syntax; LISTGRP Output; Full DELGROUP Syntax; Group Command Authority.

Defining Users (1 topic)

  • User Profile Commands; Basic ADDUSER; Specifying the Default Group; Group Authority; Class Authority; Group Access Authority; RACF Remote Sharing Parameters; Dataset Profile Modeling; RACF Authorities; RACF Attributes; Security Levels and Security Categories; Security Level Checking; Security Category Checking; Security Labels; Other ADDUSER Parameters; Non-RACF Segments (CICS); Non-RACF Segments (DCE); Non-RACF Segments (DFP, LANGUAGE); Non-RACF Segments (KERB, LNOTES, NDS); Non-RACF Segments (NETVIEW); Non-RACF Segments (USS, zVM); Non-RACF Segments (OPERPARM); Non-RACF Segments (TSO); Non-RACF Segments (WORKATTR); Full ADDUSER Syntax; Basic ALTUSER; ALTUSER Only Parameters; Full ALTUSER Syntax; Full LISTUSER Syntax; LISTUSER Output; Full DELUSER Syntax; User Command Authority; Basic PASSWORD; Changing Other Users Passwords; Full Syntax of PASSWORD; Password Command Authority.

Connecting Users to Groups (1 topic)

  • Connect and Remove Commands; Basic CONNECT; Full CONNECT Syntax; Basic REMOVE; Full REMOVE Syntax; Connect/Remove Command Authority.

Dataset profiles (1 topic)

  • Dataset Profile Commands; Basic ADDSD; Discrete Dataset Profiles; Discrete Profile Parameters; Generic Dataset Profiles; Generic Wildcard Characters - %; Generic Wildcard Characters - *; Generic Wildcard Characters - **; Specifying Dataset Attributes; Access Levels; Auditing Access Attempts; Profile Copying; RACF Remote Sharing Parameters; Security Level & Category Checking; Other Profile Attributes; Non-RACF Segments - DFP; Non-RACF Segments - TME; Full ADDSD Syntax; Basic ALTDSD; ALTDSD Only Parameters; Full ALTDSD Syntax; Basic LISTDSD; Listing Many Dataset Profiles; Listing Generic or Discrete Profiles; Specifying What To List; Full LISTDSD Syntax; LISTDSD Output; Full DELDSD Syntax; Dataset Command Authority; Basic PERMIT; Conditional Access Lists; Permitting Many Users Access; Removing Users and Groups; Deleting Access Lists; Full PERMIT Syntax; PERMIT Command Authority.

General Resource profiles (1 topic)

  • General Resource Profile Commands; Basic RDEFINE; Common RDEFINE Parameters; Adding Additional Profile Information; Non-RACF Segment - TME; When the Class is DLFCLASS; When the Class is APPCLU; When the Class is REALM; When the Class is PTKTDATA; When the Class is ROLE; When the Class is STARTED; When the Class is SYSMVIEW; When the Class is TAPEVOL; When the Class is TERMINAL; Full RDEFINE Syntax; Resource Grouping Classes; Protecting CICS Transactions; Protecting Load Modules; Protecting SDSF; Basic RALTER; RALTER Only Parameters; Full RALTER Syntax; Basic RLIST; Common RLIST Parameters; Listing Non-RACF Segments; Special RLIST Features; Full RLIST Syntax; RLIST Output; Full RDELETE Syntax; Remember PERMIT?; General Resource Command Authority.

Special RACF features (1 topic)

  • SEARCH command and control parameters.

The SETROPTS command (1 topic)

  • Basic SETROPTS; Dataset Related Parameters; General Parameters; In-Storage Profile Parameters; B1 Security Parameters; JES Parameters; Userid & Password Parameters; Auditor Parameters; SETROPTS LIST Examples; SETROPTS Command Authority.

Auditing RACF (1 topic)

  • RACF Auditing; RACF Report Writer; Basic RACFRW Commands; Full RACFRW Syntax; Full SELECT Syntax; Basic EVENT Command; Full EVENT Syntax; Full LIST Syntax; RACFRW Output Example; Full SUMMARY Syntax; RACF SMF Data Unload Utility; SMF Unload Utility JCL; Using the Unloaded RACF SMF Data; Processing the RACF SMF Data with DB2; Standard DB2 Tables; Data Security Monitor; System & Group Tree Reports; Pgm Properties & Auth Caller Table Reports; Class Descriptor Table & RACF Exits Report; Global Access Table Report; Started Procedures Table Report; Selected User Attribute Reports; Selected Data Sets Report.

RACF utility programs (1 topic)

  • Database Unload Utility; Database Cross Reference Utility; Database Cross Reference Utility Output; RACF Remove ID Utility; Database Verification Utility; Database Verification Utility Output; Database Split/Merge/Extend Utility; Database Block-Update Utility Command.

Prerequisites

Attendees should have a clear understanding of zOS at a conceptual level and also have a basic understanding of RACF that can be gained by attending the RSM course Understanding RACF. A working knowledge of TSO/ISPF and JCL is also required.
IBM zSeries Training Courses

Course PDF

Print

Share this Course

+1
Share

Recommend this Course

Sections