Manage Users › View Security Object Relationships in the Topology Viewer › How to Remove a User › (Optional) Review Dependency Considerations › (Optional) Review Dependency Considerations (CA ACF2)

(Optional) Review Dependency Considerations (CA ACF2)

To help ensure continuity of security, consider the following points before deleting the user:

• When you delete a logonid, CA ACF2 also deletes the associated User Profile records. Consider the impact of deletion, especially if the logonid is used for production batch jobs, started tasks, or other types of production workloads.

  For example, deleting a logonid deletes all CERTDATA records and KEYRING records associated with that logonid. Deletion can affect processes that use these records (for example, CICS, WebSphere application servers, and others). These transaction processing platforms can use digital certificates and keyrings to support the encryption of IP data flows and user authentication. If necessary CERTDATA and KEYRING definitions are improperly deleted, significant workload disruptions can occur.

• When you delete a logonid, CA ACF2 does not remove specific mention of the explicit logonid in data set access rules, generalized resource rules, or DB2 resource rules. Manually delete these rule lines, or run the CA ACF2 Rule Cleanup Utility (ACFRULCU) to remove them. For information about this utility, see the CA ACF2 Reports and Utilities Guide.
• When you delete a logonid, CA ACF2 does not remove specific mention of that logonid in other CA ACF2 records, such as Entry records (for example, scope records), Structured records (for example, GSO, CACHE, DCO records), Cross Reference records, and other record types.
• Physical system resources such as data sets, z/OS UNIX files, directories, or others can belong to the logonid. To determine if you must also delete these resources, review your site policies.
• A logonid can logically own resources (that is, it can have complete or shared administrative authority for a resource or set of resources). Review logical ownership to determine if you must appoint new logical owners to ensure administrative continuity.