RACF Administration & Auditing Training

  • Learn via: Classroom
  • Duration: 4 Days
  • Price: From €2,567+VAT
We can host this training at your preferred location. Contact us!

This four-day, hands-on class is the definitive RACF course for technicians and administrators. The course, designed and written by RACF specialists, is regularly revised and updated to match developments in the RACF and z/OS environments.<br><br>It introduces and explains the concepts, terminology, commands, and procedures involved in administering and auditing RACF. All major aspects of day-to-day RACF administration and auditing are covered.<br>To ensure full understanding, a number of realistic practical exercises are performed during this course.<br><br>This course is also available for one-company, on-site presentations and for live presentation over the Internet, via the Virtual Classroom Environment service.

Attendees should have a clear understanding of z/OS at a conceptual and practical level. A working knowledge of TSO/ISPF and JCL is also required.

  • explain the need for security in business information systems
  • describe how RACF meets business information systems security needs
  • design a group structure to meet their installations requirements
  • explain & use RACF commands
  • describe the effect of the various group profile related parameters
  • explain the management and use of the various non-RACF segments in user profiles
  • connect users to groups and manage the assigned group authorities
  • use the dataset related commands to manage both discrete and generic profiles
  • manage general resources
  • use and explain the operation of the basic setropts management commands
  • use and interpret the output of the Data Security Monitor
  • use the database unload utility, cross reference utility, remove id utility, database verification utility, database split/merge/extend utility, and the database block update utility
  • run and interpret auditing reports.

Introduction to RACF

What is RACF?; Why do we need security?; Security in the 'old days'; Security these days; What security do we need?; Where are the dangers?; How can RACF help?; RACF profiles; How RACF operates; The RACF database; Multiple data set database; Resource classes.

The RACF Manuals

The manual library; RACF Security Administrators' Guide; RACF features; z/OS features; Other products; Related non-RACF manuals; RACF command language reference; BookManager and Adobe pdf.

Planning for Security

The Security Policy; Resource ownership; How to protect resources?; Grouping resources and users; Document the plan.

Group Structure

What are Groups?; Why have Groups?; Users and Groups; The initial group structure; The Group Hierarchy; System Special and Group Special; Group Profile ownership; Group connections.

The RACF Commands

Entering RACF commands; RACF commands and the manuals; Entering RACF commands in batch; Entering commands via a CLIST; Online Help.

Defining RACF Groups

Group profile commands; Basic ADDGROUP; Specifying the SUPerior GROUP & OWNER; Other ADDGROUP parameters; Non-RACF segments - DFP, z/OS and zVM; Full ADDGROUP syntax; Full ALTGROUP syntax; Full LISTGRP syntax; LISTGRP output; Full DELGROUP syntax; Group command authority; SEARCH command.

Defining Users

User profile commands; Basic ADDUSER; Specifying the default group; Group authority; Class authority; RACF authorities; RACF attributes; Security levels and security categories; Security level checking; Security category checking; Security labels; Other ADDUSER parameters; Non-RACF segments; Full ADDUSER syntax; Basic ALTUSER; ALTUSER-only parameters; Full LISTUSER syntax; LISTUSER output; Full DELUSER syntax; User command authority; Basic PASSWORD; Changing other users' passwords; Full syntax of PASSWORD; Password command authority.

Connecting Users to Groups

Connect and Remove Commands; Basic CONNECT; Full CONNECT Syntax; Basic REMOVE; Full REMOVE Syntax; Connect/Remove command authority.

Dataset Profiles

Dataset profile commands; Basic ADDSD; Discrete data set profiles; Discrete profile parameters; Generic data set profiles; Generic wildcard characters - %; Generic wildcard characters - *; Generic wildcard characters - **; Specifying data set attributes; Access levels; Auditing access attempts; Profile copying; Security level & category checking; Other profile attributes; Full ADDSD syntax; Basic ALTDSD; ALTDSD-only parameters; Full ALTDSD syntax; Basic LISTDSD; Listing many data set profiles; Listing generic or discrete profiles; Specifying what to list; Full LISTDSD syntax; LISTDSD output; Full DELDSD syntax; Data set command authority; Basic PERMIT; Conditional access lists; Permitting many users access; Removing users and groups; Deleting access lists; Full PERMIT syntax; PERMIT command authority; SETROPTS REFRESH GENERIC(data set); SEARCH command basics; SEARCH control parameters; The FILTER & MASK parameters.

General Resource Profiles

General resource profile commands; Basic RDEFINE; Common RDEFINE parameters; Adding additional profile information; When the class is CONSOLE; When the class is OPERCMDS; When the class is CDT; When the class is SURROGAT; The Started Task Table; Using ICHRIN03; Using the STARTED class; When the class is TAPEVOL; Full RDEFINE syntax; Resource grouping classes; Protecting CICS transactions; Protecting load modules; Protecting SDSF; Basic RALTER; RALTER-only parameters; Full RALTER syntax; Basic RLIST; Common RLIST parameters; Listing Non-RACF segments; Special RLIST features; Full RLIST syntax; RLIST output; Full RDELETE syntax; Remember PERMIT?; General resource command authority; The Global Access Checking table; In-storage profiles; In-storage profile parameters.

Auditing RACF

Auditing RACF; Auditor parameters; RACF Report Writer; Basic RACFRW commands; Full RACFRW syntax; Full SELECT syntax; Basic EVENT command; Full EVENT syntax; Full LIST syntax; RACFRW output example; Full SUMMARY syntax; RACF SMF data Unload utility; SMF Unload utility JCL; Using the unloaded RACF SMF data; Processing the RACF SMF data with DB2; Other reporting tools; The Data Security Monitor; The System & Group Tree Reports; Program Properties & Auth Caller Table Reports; Class Descriptor Table & RACF Exits Report; Global Access Table Report; Started Procedures Table Report; Selected User Attribute Reports; Selected Data Sets Report.

RACF Utility Programs

The database unload utility; The database cross-reference utility; The database cross-reference utility output; The RACF remove ID utility; The database verification utility; The database split/merge/extend utility; The database block-update utility command.

Contact us for more detail about our trainings and for all other enquiries!

Upcoming Trainings

Join our public courses in our Istanbul, London and Ankara facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

Classroom / Virtual Classroom
18 June 2024
Istanbul, Ankara, London
4 Days
Classroom / Virtual Classroom
17 June 2024
Istanbul, Ankara, London
€2,567 +VAT Book Now
Classroom / Virtual Classroom
24 June 2024
Istanbul, Ankara, London
€2,567 +VAT Book Now
Classroom / Virtual Classroom
05 July 2024
Istanbul, Ankara, London
4 Days
Classroom / Virtual Classroom
22 July 2024
Istanbul, Ankara, London
€2,567 +VAT Book Now
Classroom / Virtual Classroom
02 September 2024
Istanbul, Ankara, London
€2,567 +VAT Book Now
Classroom / Virtual Classroom
20 September 2024
Istanbul, Ankara, London
4 Days
Classroom / Virtual Classroom
22 September 2024
Istanbul, Ankara, London
4 Days
By using this website you agree to let us use cookies. For further information about our use of cookies, check out our Cookie Policy.