On 8/22/2006 1:08 PM, [EMAIL PROTECTED] wrote:
Does anyone know how to REVOKE (Suspend) or RESUME a RACF Account via
the RACF LDAP Interface? Browsing the RACF LDAP instance, I see the
attribute "racfattribute" that is set to "REVOKED" - however If I try
to set that attribute from the LDAP interface, it either doesn't
change, or gives a "RACF Segment" error.
All other operations, such as adding users, changing names and
passwords, and deleting users works fine.
Any ideas?
It's covered in section 2.4.2 of the LDAP Admin guide ("Special usage of
racfAttributes and racfConnectAttributes"), I believe.
Basically, if you were doing an ldap modify, you would specify something
like:
add: racfattributes
racfattributes: revoke
Walt Farrell, CISSP
z/OS Security Design, IBM
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
