-z/OSMF Configuration Guide contains figures about different RACF/ZOSMF implementations.

-This technical document intents to translate all RACF command to CA Top Secret command to implement z/OSMF with CA Top Secret.

-There is a file attached to this technical document which contains all command and instructions to follow.

-Although the attached file contains the Top Secret equivalent commands of the RACF ones, some additional work has to be done.

-With Top Secret a GROUP type is only defined for USS purposes i.e. to own GID. 

-With RACF a GROUP can have a GID and PERMITS, but with Top Secret it is needed to defined a PROFILE type acid to handle the PERMITS done with RACF to a GROUP.

-It's why with Top Secret IZUADMIN, IZUUSER and IZUUNGRP are defined as GROUP type acid. To handle the RACF PERMITS PROFILEs needs to be created and have to replace IZUADMIN, IZUUSER and IZUUNGRP when RACF PERMITs are made.

-The following profiles have been intentionally chosen for this purpose: 

IZUADNPR is for IZUADMIN

IZUUSRPR is for IZUUSER

-There are no RACF PERMITS for IZUUNGRP group.

-Duplicates TSS ADD may exist, keep one and get rid of others.

-You have to change cert#001, cert#002, #dept and #keyr with names to fit your requirements.