The following enhancements have been made to the SECURITY command.
Valid Values:
Y - The security data set is cached.
N - The security data set is not cached.
The security data set is now being cached in memory.
If you are sharing the same security file across multiple systems and make an update to security, the cache will need to be flushed using the DELCache subcommand on all systems sharing the security file. The local system where the update was made gets flushed automatically.
The following security configuration option has been added.
The new permitted value of USERDEF allows a user-defined field in the external security product to be used to set the internal security group.
For more details on setting up security validation, see SAMPLIB members:
The parameter library member OPTIONS has been enhanced to include new security options.
Specifies the prefix name for RACF Connect Groups to be searched for the user-defined field name that SAFUserGroupField specified.
Default: Searches all RACF Connect Groups after checking for the user-defined field in the USER profile.
Note: This option is only used when Security-Validation is set to USERDEF in the System Configuration parmlib member and RACF is the external security manager.
Specifies the name of the user-defined field that contains the internal security group name of the user.
This option is only used when Security-Validation is set to a value of USERDEF in the System Configuration parmlib member.
The user-defined field must be defined in the external security manager.
Specifies the segment name that is used when querying SAF for the user-defined field name containing the internal security group name of the user.
This option is only used when Security-Validation is set to a value of USERDEF in the System Configuration parmlib member.
|
Copyright © 2014 CA.
All rights reserved.
|
|