On Wed, 20 Oct 2010 10:46:09 -0500, Hal Merritt <hmerr...@jackhenry.com> wrote:
>Cross posted to MVS and RACF. > >We don't use OMVS and have no plans to do so except for the bare minimum required. I did not choose to use the 'backstop' and so code a OMVS segment on each user and group profile as appropriate. > >Somehow I have accumulated a number of (non human) profiles with UID 0 and a number of duplicate UID and GID assignments (that is, the same GID assigned to related groups and the same UID assigned to related ID's). I got dinged n a recent audit and am working on my remediation strategy. > There is nothing wrong with multiple UID(0) non human userids. But you shouldn't use UID(0) unless documented as required by the software / product owner. So before you change them from UID(0), make sure it is safe to do so and have a test plan in place (testing in a sandbox / development LPAR is of course a good idea). >I am of the 'old school' where 'any standard is better than no standard' and would normally try to craft UID's and GID's in a pattern such as xxyyyyyyyy where xx is a major grouping and yyyyyyy is a unique number. A 'major grouping' could be employee, process, etc. > >Does this august group think it is worthwhile to go to the trouble of doing this, or should I just assign random numbers? > It certainly won't hurt, but if you have a good way of identifying people via USERID naming standard, it probably isn't worth the effort IMO. But I'm also curious if other shops have bothered to do this (none of the ones I have worked at have). Mark -- Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS mailto:mzel...@flash.net Mark's MVS Utilities: http://home.flash.net/~mzelden/mvsutil.html Systems Programming expert at http://expertanswercenter.techtarget.com/ ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
