IBM CICS provides the RACFSYNC parameter which determines whether or not CICS listens for type 71 ENF events. Does ACF2 emit ENF 71 signals and if so, what events trigger it?
ACF2 support of IBM ENF SIGNAL TYPE 71 was added with PTF RO61511.
In z/OS 1.11, IBM added an ENF 71 signal for support of z/OS Identity propagation. In z/OS 2.1 (and rolling back to z/OS 1.13), IBM expanded the ENF 71 signaling capability in RACF to allow listeners, such as CICS and Db2, to take actions based on this signal. The ENF 71 signal is issued to alert listeners to a possible change in a user's or group's authorizations to resources.
For CICS the RACFSYNC={YES|NO} system initialization parameter (SIT) controls whether CICS will listen for the type 71 ENF events.
ACF2 supports ENF 71 signaling for some ENF-qualifying events. ACF2 ensures that listeners for ENF 71, such as CICS and Db2, receive correct and expected information in the signal issued by ACF2 and are able to take proper actions based on the signal.
In ACF2, an ENF 71 signal is automatically sent when any of the following commands is issued:
ACF2 will also produce an ENF 71 signal for a logical suspend for password violations with PTF SO14547 applied.
Listeners of IBM ENF 71 signal, such as CICS 5.1+ and Db2 V11+, will receive an ENF 71 signal when an ENF 71-qualifying event occurs in ACF2 on a z/OS 2.1+ system.
In RACF, an ENF 71 signal is sent when any of the following RACF commands is issued on a z/OS 2.1 system (ENF 71 plist is version 2):
In addition, RACF ENF 71 support includes the following: