Creating the TMEADMIN class to associate a RACF® user ID

About this task

To create the resource class EQQADMIN and map it to a RACF® user ID, perform the following steps:
  1. Make sure your operating system has the Security Server feature.
  2. Create the TMEADMIN class for mapping the administrator ID and host name to the RACF® user ID.
    Note: If RACF® is your security product and your operating system does not have the Security Server feature, you can use the supplied samples to create the following:
    • RACF® TMEADMIN class EQQ9RFDE. Use the following macro, which you can access in the EQQ9RFDE member of SEQQSAMP library: 
      TMEADMIN ICHERCDE CLASS=TMEADMIN,
                             ID=129,
                             MAXLNTH=246,
                             FIRST=ALPHANUM,
                             OTHER=ANY,
                             POSIT= 26,
                             OPER=NO,
                             DFTUACC=NONE,
                             DFTRETC=8,
                             RACLIST=ALLOWED,
                             GENLIST=ALLOWED
    • RACF Router Table EQQ9RF01. Use the following macro, which you can access in the EQQ9RF01 member of SEQQSAMP library: 
           TAB18            ICHRFRTB  CLASS=TMEADMIN,ACTION=RACF
  3. Using RCAF TMEADMIN class, map the administrator ID to the RACF® user ID. The RACF® user ID is associated with the administrator defined at the workstation. Any administrative action is thereby traceable to the user issuing the request.
  4. Define a profile in the supplied resource class TMEADMIN for each administrator who is able to access Dynamic Workload Console.
    Note: In the following tasks, which are for mapping the administrator to RACF® user IDs, it is recommended that each administrator maps to a unique RACF® user ID.
  5. Activate the TMEADMIN class by typing the following command: SETROPTS CLASSACT (TMEADMIN).
  6. In the TMEADMIN class, use the following string to define a unique RACF® user ID for each administrator who will perform Dynamic Workload Console operations: 
    userID@hostname
    For example, for a user with the identifier SCOT at the host pelican, you would use SCOT@pelican.
  7. Enter the following command to define a general resource profile in the TMEADMIN class to associate the administrator with a RACF® user ID (in this example, SCOT): 
    RDEFINE TMEADMIN SCOT@hostname APPLDATA('SCOT')
    Note: The string SCOT@hostname is not case sensitive.
  8. Refresh the TMEADMIN class with the following command: 
    SETROPTS RACLIST(TMEADMIN) REFRESH
    If you experience problems using special characters to define a profile in the TMEADMIN class, use the following command instead: 
    SETROPTS GENERIC(TMEADMIN) REFRESH

Also, use the percent sign (%) instead of the special character. For example, for the Italian code page, the character @ (hex'B5') is not accepted by RACF®. Therefore, use SCOT%pelican instead of SCOT@pelican.

When searching a list of TMEADMIN profiles for a match, RACF® looks for the most similar generic profile.