Let’s make it work for you
RACF: Advanced Administration
- Categories:
- Infrastructure and Networking Software and DevOps
- Code:
- TPRAAD
Overview
Prerequisites
Attendees should have a clear understanding of RACF at both the conceptual and practical level. All should have attended the course RACF Administration & Auditing.What's included
Select your preferred way to learn:
What is Classroom?
Hands-on, instructor-led training delivered in a QA learning centre
In-person training in a dedicated QA learning centre. Learners benefit from expert-led sessions, collaborative activities, and structured, hands-on workshops in a distraction-free environment. If you can’t attend in person, many classroom courses are also available to attend remotely.
Classroom sessions can be arranged on request. Please contact your account manager to discuss availability in your region
Best for: Individuals and teams who benefit from deep focus, direct interaction, and practical, hands-on learning.
What's included?
3 Days instructor led course
6 month free access to QA learning platform
Free 6-Month Access: Learning Platform Discovery plan
Included FREE with every instructor‑led course
Get free guided access to the QA Learning Platform. Assess your skills, explore in-demand topics, and understand which areas to focus on.
Learn AI, Cloud, Data, and Leadership skills at your own pace.
Put skills into practice with hands-on Labs and Simulabs.
Validate knowledge and highlight gaps with skills assessments.
What is bespoke training?
Custom instructor-led training designed by QA to fit your needs
Tailored programmes built around your organisation’s goals, challenges, and skill levels. Delivered in the format that suits you to maximise relevance and impact.
Best for: Organisations and teams looking to target specific business priorities and capabilities with QA subject matter expertise.
Find out more about the course:
Learning outcomes
- describe and explain in detail the RACF architecture, its components and facilities
- understand and use the SETROPTS and RVARY command to manipulate the RACF options and database
- use Advanced General Resources classes
- define users to use TSO
- define the parameters needed to set up security for JES2 and SDSF
- describe the facilities provided by RRSF
- describe the B1 Security parameters including Security labels, levels and categories
- list what facilities RACF provides for Digital Certificates.
Course outline
Why do we need security?; What does security provide?; How does RACF work?; RACF profiles; RACF classes; Controlling access; RACF commands.
Defining TSO UsersTSO & RACF; The TSO segment of a user profile; TSO General Resource classes; TSO/E logon screen; TSO administration.
Advanced General ResourcesThe FACILITY Class in general; The HELPDESK function; Setting up the HELPDESK facility classes; Password Reset and List User with the Owner and Group functions; Password Enveloping; How does password enveloping work; Exceptions to Password enveloping; RACF Variables; Using the RACFVARS Class; Using RACF variables; FIELD Level access checking; Using the FIELD class; Delegating TSO Administration; Security for OMVS; Using the CFIELD class; What is a CUSTOM FIELD; RACF Command changes; Define a Custom Field; Activate a Custom Field; Putting data into a Custom Field; Authorisation for CSDATA; RACF Panel changes; RACF Profile segments; DASD volume operations; Access to DASD volumes; DASDVOL profiles; RACF security for TAPES; Tape volume protection; Tape data set protection;TAPEVOL, BLP; OPERCMDS class.
RACF & JES2/SDSFRACF & JES2; JES resources protected by RACF; Batch user identification; Userid propagation; Surrogate Job Control; JES Earlyverification; Started Task identification; SETROPTS options for JES; Network Job Entry (NJE); Remote Job Entry (RJE); z/OS security environment; Resource classes for JES security; Securing jobs with RACF; Job input processing; Job submission control; Job validation; JES job input sources; JESINPUT - controlling Port-Of-Entry device names; Job name control; TSO SUBMIT/CANCEL commands; SURROGAT class; Surrogate job submission; Job input processing: PROPCNTL & SECLABEL; Nodes class; NJE security; Controlling transmission to other nodes; Controlling receipt of jobs & sysout; Propagation through NJE; Translation between nodes; RJE/RJP signon & logon security; Controlling output destinations; Security overlays with PSF; Spool protection; JES dataset name format; JESPOOL class profiles; Controlling messages; Controlling data transmission; SDSF; SDSF authorised commands; SDSF line & implicit commands.
RACF Remote Sharing FacilityThe RACF Remote Sharing Facility; RACF command direction; RACF password synchronisation; managed user associations; controlling RACLINK use; controlling password synchronisation; controlling the AT keyword; automatic RACF command direction; controlling automatic RACF command direction; combined RACF command direction; use of ONLYAT keyword; automatic password synchronisation; controlling automatic password synchronisation; password synchronisation by command; combined RACF command direction; defining RRSF nodes; the RACF subsystem & parameter library; APPC and TCP/IP connections.
Security LabelsSecurity classification; Multilevel security;Security labels; Security levels; Security categories; Dominance and equivalence.
RACF & Digital CertificatesCryptography in Internet applications; Public key cryptography overview; What is a digital certificate?; Public key & certificate; Uses for certificates in applications; Secure Sockets Layer (SSL); Digital certificates and RACF; How RACF uses digital certificates; RACF classes & commands; RACF certification generation; RACDCERT command; Creating a certificate; Gencert examples; Key rings; Certification installation; RACDCERT ADD examples; Certification installation; Certificate management.
SETROPTS and RVARYBasic SETROPTS; Dataset related parameters; General related parameters; InStorage Profile parameters, B1 Security parameters; JES parameters; Userid and Password parameters; AUDIT parameters; SETROPTS command authority; the RVARY command; RVARY Passwords; RACF FAILSOFT processing.
Q & A sessionGood to know
Ready to book? Complete the form and a member of our team will be in touch shortly to discuss your options.
Let’s make it work for you. Speak to one of our learning experts today.
What our customers are saying
“As the administrator, it’s critical for me to be able to demonstrate where their skills started and where they’ve increased, and that’s all proven by the assessments. It’s been really valuable to us because it checks all the boxes for what all my stakeholders care about, including me.”
Jennifer Zaborowski
Director of IT Learning & Development, Regeneron
“I participated in an IT Project Management Workshop, and I have to say it was by some way, the most well organised, best presented, engaging, informative and inspiring workshop or training course I have been on with QA. The trainer’s willingness to spend his time and share his experience and resources with me were second to none, and I truly feel better prepared going forward in my career.”
James
QA learner
Portfolio Director
Rob Blincoe
Portfolio Director – Cloud & Infrastructure
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course.
Once you have purchased the Online course and have completed your registration, you will receive the necessary details to enable you to immediately access it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.