ACF2 ACFRULCU utility usage for cleanup of ROLEs no longer used
Article ID: 200489
Updated On:
Products
Issue/Introduction
This is a detailed description of process to remove ROLEs no longer used after LOGONID cleanup.
Environment
Release : 16.0
Component : CA ACF2 for z/OS
Resolution
The ACFRULCU utility can be used if a site is using roles. The ROLNXIST parameter detects any rule line in a $ROLESET rule set that specifies a non-existent user value. SItes can use ROLNXIST with ROLESYS to identify rule lines that contain a value for a non-existent role value.
Here are the parameter descriptions related to ROLE:
- ROLNXIST causes removal of all rule lines from the targeted rule sets that have a ROLE value that no longer exists. X(ROL) records can be identified by a SYSID. When using ROLNXIST against the active databases, the role records will be identified by the current SYSID. When using ROLNXIST against alternate databases, you must also specify ROLESYS to identify the SYSID of the X(ROL) records.
- ROLESYS(sysid) is required when you are processing rules in the alternate databases and have ROLNXIST specified). It specifies a one- to eight-character SYSID value that identifies the correct X(ROL) records being used on the system. Specifying the incorrect SYSID might remove the wrong rule lines.
//SYSPRINT DD SYSOUT=*
//SYSOUT DD DSN=hlq.ACFRULCU.CLEANUP.dataset,
// UNIT=SYSDA,VOL=SER=volname,
// DISP=(NEW,CATLG,DELETE),
// SPACE=(TRK,(15,15),RLSE),
// DCB=(LRECL=80,BLKSIZE=3120,RECFM=FB)
//LOGONID DD DISP=SHR,DSN=hlq.ALTLIDS
//RULES DD DISP=SHR,DSN=hlq.ALTRULES
//INFOSTG DD DISP=SHR,DSN=hlq.ALTINFO
//SYSIN DD *
ACF2
ROLNXIST
ROLESYS(sys1)
/*
Additional Information
More information can be found in section: 'ACFRULCU - Rule Cleanup Utility' of the ACF2 documentation.
Feedback
