We have a RACF database that is still unconverted to use this. I am being
hassled to convert it.
Since we have very little USS work I am inclined to leave it until
conversion becomes compulsory.
Does anyone have any comments (other than "lazy s*d!")? Any benefit
other than marginal performance issues?????
Our system is z/OS 1.3
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to listserv@no-spam with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
On 7/7/2003 12:41 PM, Andy Robertson wrote:
> We have a RACF database that is still unconverted to use this. I am being
> hassled to convert it.
>
> Since we have very little USS work I am inclined to leave it until
> conversion becomes compulsory.
>
> Does anyone have any comments (other than "lazy s*d!")? Any benefit
> other than marginal performance issues?????
>
Application identity mapping is only _required_ for a few UNIX-related
functions at this point:
(a) unique UID/GID enforcement
(b) automatic UID/GID assignment
(c) SEARCH CLASS(USER) UID(nnn) or SEARCH CLASS(GROUP) GID(nnn)
If you don't need those, and especially if you aren't making a lot of
use of z/OS UNIX or other functions that have mapping profiles then you
probably don't have an urgent need to convert your RACF database today.
--
Walt Farrell, z/OS Security Server Design, IBM
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to listserv@no-spam with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html