If the model user has no UID, does the automatic UID assignment work if UNIQUSER is ON?
If the answer is YES, is the UID on model user necessary?
Regarding MODLUSER(acid), should the ACID be given the fields UID, HOME, OMVSPGM, OECPUTM,PROCUSER, ASSIZE,THREADS,MMAPAREA,MEMLIMIT, and SHMEMMAX?
This process hinges on the MODLUSER, UNIQUSER, DFLTRNGU and DFLTRNGG Control Options.
UNIQUSER determines whether or not a unique UID/GID is assigned to users who attempt to sign into USS without USS credentials. If set to ON then a UID should be assigned and the other attributes from the model acid copied.
MODLUSER defines the model acid containing the OMVS attributes to be modeled.
DFLTRNGU(xxx,yyy) defines the range of the UID numbers assigned to the acid. f no range is defined the default is from 1 to 2,147,483,647
DFLTRNGG(xxx,yyy) defines the range of the GID numbers assigned to the group acid. If no range is defined the default is from 1 to 2,147,483,647
The algorithm is that the next available UID/GID within the specified range is chosen.
In other words:
With UNIQUSER set a user will be assigned a new UID according to the range specified in DFLTRNGU at entry into USS aslong as the model user is set up with the MODLUSER Control Option. The UID does not need to be set to UID(?) for the MODLUSER acid, any value for UID on the model user is sufficient. In fact, no UID is required on the model acid at all.
As long as UNIQUSER and MODLUSER are set the UID will be assigned.
As for the group/gid, a group and dfltgrp must be assigned to the acid prior to logging into uss. If a user signs on with a group that has no assigned GID then a unique one will be assigned as long as UNIQUSER is set. As expected, the GID will be chosen based upon the DFLTRNGG Control Option.
Top Secret will not create or assign a group to the acid signing into USS either as a GROUP or DFLTGRP.
Release: TOPSEC00200-15-Top Secret-Security