We have to recycle the CA7 STC to add/delete/modify users.  Yes, we are using the security module and it is coded up with thousands of lines defining the user.  There is no way to "dynamically" refresh this to keep us from recycling the Ca7?  If the answer is no then my next thought would be to push all the authority our to ACF2. 

Release : 12.1

 Recommended do the following below:

1- You need to define the resources CA70001 - CA70999 to your security package and give each user READ access to the resource that is associated with the UID value they currently have in your security table. For example if USERA has UID=057 in the internal security table, you will give them read access to resource CA70057 in ACF2

2- You will need to update your SECURITY statement in the CA 7 init deck and add UID=SASSRTBL to the end of the statement

3- You will need to update/create a profile record in CA 7 for each user and define the resource they need using the following command:   /PROFS,ID=xxxxxx,R=CA7xxxx

4- At some point you will need to remove users from the internal security table. Its recommended to keep them there and just change your security statement to point to the default security table name SASSSECI