Overview

This newly upgraded and extended three-day, hands-on course is the natural follow-on to the definitive 'RACF Administration & Auditing' course for all RACF Administrators. It enables attendees to build on the knowledge and skills they have gained previously with further advanced skills and techniques.<br>In this course experienced RACF Administrators will learn how to handle the more technically challenging aspects of using RACF in today's z/OS environments.<br>The course is packed with challenging, practical, hands-on exercises that will reinforce what attendees learn during the classroom sessions.<br><br>This course is also available for one-company, on-site presentations and for live presentation over the Internet, via the Virtual Classroom Environment service.
Read more

Prerequisites

Attendees should have a clear understanding of RACF at both the conceptual and practical level. All should have attended the course RACF Administration & Auditing.
Read more

Delegates will learn how to

  • describe and explain in detail the RACF architecture, its components and facilities
  • understand and use the SETROPTS and RVARY command to manipulate the RACF options and database
  • use Advanced General Resources classes
  • define users to use TSO
  • define the parameters needed to set up security for JES2 and SDSF
  • describe the facilities provided by RRSF
  • describe the B1 Security parameters including Security labels, levels and categories
  • list what facilities RACF provides for Digital Certificates.
Read more

Outline

What is RACF?

Why do we need security?; What does security provide?; How does RACF work?; RACF profiles; RACF classes; Controlling access; RACF commands.

Defining TSO Users

TSO & RACF; The TSO segment of a user profile; TSO General Resource classes; TSO/E logon screen; TSO administration.

Advanced General Resources

The FACILITY Class in general; The HELPDESK function; Setting up the HELPDESK facility classes; Password Reset and List User with the Owner and Group functions; Password Enveloping; How does password enveloping work; Exceptions to Password enveloping; RACF Variables; Using the RACFVARS Class; Using RACF variables; FIELD Level access checking; Using the FIELD class; Delegating TSO Administration; Security for OMVS; Using the CFIELD class; What is a CUSTOM FIELD; RACF Command changes; Define a Custom Field; Activate a Custom Field; Putting data into a Custom Field; Authorisation for CSDATA; RACF Panel changes; RACF Profile segments; DASD volume operations; Access to DASD volumes; DASDVOL profiles; RACF security for TAPES; Tape volume protection; Tape data set protection;TAPEVOL, BLP; OPERCMDS class.

RACF & JES2/SDSF

RACF & JES2; JES resources protected by RACF; Batch user identification; Userid propagation; Surrogate Job Control; JES Earlyverification; Started Task identification; SETROPTS options for JES; Network Job Entry (NJE); Remote Job Entry (RJE); z/OS security environment; Resource classes for JES security; Securing jobs with RACF; Job input processing; Job submission control; Job validation; JES job input sources; JESINPUT - controlling Port-Of-Entry device names; Job name control; TSO SUBMIT/CANCEL commands; SURROGAT class; Surrogate job submission; Job input processing: PROPCNTL & SECLABEL; Nodes class; NJE security; Controlling transmission to other nodes; Controlling receipt of jobs & sysout; Propagation through NJE; Translation between nodes; RJE/RJP signon & logon security; Controlling output destinations; Security overlays with PSF; Spool protection; JES dataset name format; JESPOOL class profiles; Controlling messages; Controlling data transmission; SDSF; SDSF authorised commands; SDSF line & implicit commands.

RACF Remote Sharing Facility

The RACF Remote Sharing Facility; RACF command direction; RACF password synchronisation; managed user associations; controlling RACLINK use; controlling password synchronisation; controlling the AT keyword; automatic RACF command direction; controlling automatic RACF command direction; combined RACF command direction; use of ONLYAT keyword; automatic password synchronisation; controlling automatic password synchronisation; password synchronisation by command; combined RACF command direction; defining RRSF nodes; the RACF subsystem & parameter library; APPC and TCP/IP connections.

Security Labels

Security classification; Multilevel security;Security labels; Security levels; Security categories; Dominance and equivalence.

RACF & Digital Certificates

Cryptography in Internet applications; Public key cryptography overview; What is a digital certificate?; Public key & certificate; Uses for certificates in applications; Secure Sockets Layer (SSL); Digital certificates and RACF; How RACF uses digital certificates; RACF classes & commands; RACF certification generation; RACDCERT command; Creating a certificate; Gencert examples; Key rings; Certification installation; RACDCERT ADD examples; Certification installation; Certificate management.

SETROPTS and RVARY

Basic SETROPTS; Dataset related parameters; General related parameters; InStorage Profile parameters, B1 Security parameters; JES parameters; Userid and Password parameters; AUDIT parameters; SETROPTS command authority; the RVARY command; RVARY Passwords; RACF FAILSOFT processing.

Q & A session

Read more

Why choose QA

Dates & Locations

Frequently asked questions

See all of our FAQs

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

Learn more about our Virtual Classrooms.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

Learn more about QA’s online courses.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.

When will I receive my certificate?

Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.

Contact Us

Please contact us for more information