This document provides training and instructions for RACF managers and backups on administering user accounts and access controls in RACF. It describes the basic concepts of RACF, the RACF manager panel interface, and procedures for adding, updating and deleting users. Managers are responsible for carefully managing user accounts and access groups to protect data confidentiality and integrity. The document guides managers through using the RACF panel to view users, change passwords and group memberships, and maintain proper local access controls for systems.
After completing this module, you will be able to:
List and describe the major components of the Teradata architecture.
Describe how the components interact to manage incoming and outgoing data.
List 5 types of Teradata database objects.
ERP Magazine is a monthly publication focusing on ERP/SAP software technical insights and innovations, for both new and advanced learners. In every issue, leading authors and consultants from a diverse set of companies present their ideas and/or achievements in a clear fashion. Each article is carefully reviewed both by technical and English-language experts. The graphics are rich in content and visual style, and the articles feature illustrative real-world coding. Our readers are Basis, ABAP, Workflow, Web Dynpro, HANA, Fiori and Mobility consultants. We publish SAP/ERP technical articles in a variety of lengths and sizes. And we include general tips and feature-length articles as well. We will be showcasing a number of published book chapters in upcoming editions, along with including white papers about useful tools and products.
ERP Magazine April 2018 - The magazine for SAP ABAP ProfessionalsRehan Zaidi
ERP Magazine is a monthly publication focusing on ERP/SAP software technical insights and innovations, for both new and advanced learners. In every issue, leading authors and consultants from a diverse set of companies present their ideas and/or achievements in a clear fashion. Each article is carefully reviewed both by technical and English-language experts. The graphics are rich in content and visual style, and the articles feature illustrative real-world coding. Our readers are Basis, ABAP, Workflow, Web Dynpro, HANA, Fiori and Mobility consultants. We publish SAP/ERP technical articles in a variety of lengths and sizes. And we include general tips and feature-length articles as well. We will be showcasing a number of published book chapters in upcoming editions, along with including white papers about useful tools and products. Available on Amazon Worldwide in Kindle format.
After completing this module, you will be able to:
List and describe the major components of the Teradata architecture.
Describe how the components interact to manage incoming and outgoing data.
List 5 types of Teradata database objects.
ERP Magazine is a monthly publication focusing on ERP/SAP software technical insights and innovations, for both new and advanced learners. In every issue, leading authors and consultants from a diverse set of companies present their ideas and/or achievements in a clear fashion. Each article is carefully reviewed both by technical and English-language experts. The graphics are rich in content and visual style, and the articles feature illustrative real-world coding. Our readers are Basis, ABAP, Workflow, Web Dynpro, HANA, Fiori and Mobility consultants. We publish SAP/ERP technical articles in a variety of lengths and sizes. And we include general tips and feature-length articles as well. We will be showcasing a number of published book chapters in upcoming editions, along with including white papers about useful tools and products.
ERP Magazine April 2018 - The magazine for SAP ABAP ProfessionalsRehan Zaidi
ERP Magazine is a monthly publication focusing on ERP/SAP software technical insights and innovations, for both new and advanced learners. In every issue, leading authors and consultants from a diverse set of companies present their ideas and/or achievements in a clear fashion. Each article is carefully reviewed both by technical and English-language experts. The graphics are rich in content and visual style, and the articles feature illustrative real-world coding. Our readers are Basis, ABAP, Workflow, Web Dynpro, HANA, Fiori and Mobility consultants. We publish SAP/ERP technical articles in a variety of lengths and sizes. And we include general tips and feature-length articles as well. We will be showcasing a number of published book chapters in upcoming editions, along with including white papers about useful tools and products. Available on Amazon Worldwide in Kindle format.
SAP ABAP Interview Questions-XploreSAP Online TrainingsPooja Arani
we are at the forefront of innovative for IT Services across USA, CANADA, ASIA and EUROPE. Our vision is to provide IT online training to our students.
More visit:http://www.xploresap.com or
email: Info@XploreSAP.com
CASE STUDY InternetExcel Exercises, page 434, textRecord your.docxketurahhazelhurst
CASE STUDY
Internet/Excel Exercises, page 434, text
Record your findings in a Word document and submit it online
IBM has substantial operations in many countries, including the United States, Canada, and Germany. Go to finance.yahoo.com/q?s=ibm.
1. Click on Historical Prices. (Or apply this exercise to a different MNC.) Set the date range so that you can obtain quarterly values of the U.S. stock index for the last 20 quarters. Insert the quarterly data on a spreadsheet. Compute the percentage change in IBM’s stock price for each quarter. Next go to finance.yahoo.com/stock-center/ and click (under U.S.) on S&P Composite 1500 Index, which represents the U.S. stock market index, so that you can derive the quarterly percentage change in the U.S. stock index over the last 20 quarters. Then run a regression analysis with IBM’s quarterly return (percentage change in stock price) as the dependent variable and the quarterly percentage change in the U.S. stock market’s value as the independent variable. (Appendix C explains how Excel can be used to run regression analysis.) The slope coefficient serves as an estimate of the sensitivity of IBM’s value to the U.S. market returns. Also, check the fit of the relationship based on the R-squared statistic.
2. Go to finance.yahoo.com/stock-center/ and click (under “Europe”) on DAX, which represents the German stock market index. Repeat the process described in exercise 1 so that you can assess IBM’s sensitivity to the German stock market. Compare the slope coefficient between the two analyses. Is IBM’s value more sensitive to the U.S. market or the German market? Does the U.S. market or the German market explain a higher proportion of the variation in IBM’s returns (check the R-squared statistic)? Offer an explanation of your results.
Lab 5 Database Security
Use the script from week 1 for the week 5 lab.
1. Create four new users
a. The first user will have full rights to the database
b. The second user grant access to the Client’s table and allow them the rights to INSERT data into the clients table
c. The third user grant rights to create user logins and reset passwords
d. The fourth user grant column rights to the Course_Activity table allow access to the Course Code and Grade column. Allow user to UPDATE a maximum of 5 times per hour.
2. Login with each user to demonstrate the rights you have given them
a. User 1 login and create a VIEW for user 2 that just displays the Client table
b. User 2 login and add 3 more clients to the Clients table
c. User 3 login create two new users
d. User 4 login and UPDATE two new entries for Course Code and Grade Column for Client 1 and 2
e. For each user run the Show Privileges command to show correct rights and permissions have been applied
3. Show Log Files: For each user show log files (since we do not have MySQL Enterprise we cannot use the Audit function but as a substitute we can use the built-in log file function)
4. Create a Stored Procedure with User ...
Sap S4 HANA PM Online training +918660816919Senthil kumar
I am a SAP S4 HANA Plant Maintenance Lead consultant of 10 yrs of experience and Providing online training for 9 yrs.
Handling Freelancing projects in SAP S4 HANA PM
Siemens,
Catalog Thiết Bị Tự Động Siemens, Catalog Thiết Bị Tự Động
Catalog Phụ Kiện Siemens, Catalog Phụ Kiện,
Catalog Siemens, Catalog,
http://dienhathe.com,
Chi tiết các sản phẩm khác của Siemens tại https://dienhathe.com
Xem thêm các Catalog khác của Siemens tại https://dienhathe.info
Để nhận báo giá sản phẩm Siemens vui lòng gọi: 0907.764.966
Siemens,
Catalog Thiết Bị Tự Động Siemens, Catalog Thiết Bị Tự Động
Catalog Phụ Kiện Siemens, Catalog Phụ Kiện,
Catalog Siemens, Catalog,
http://dienhathe.com,
Chi tiết các sản phẩm khác của Siemens tại https://dienhathe.com
Xem thêm các Catalog khác của Siemens tại https://dienhathe.info
Để nhận báo giá sản phẩm Siemens vui lòng gọi: 0907.764.966
SAP ABAP Interview Questions-XploreSAP Online TrainingsPooja Arani
we are at the forefront of innovative for IT Services across USA, CANADA, ASIA and EUROPE. Our vision is to provide IT online training to our students.
More visit:http://www.xploresap.com or
email: Info@XploreSAP.com
CASE STUDY InternetExcel Exercises, page 434, textRecord your.docxketurahhazelhurst
CASE STUDY
Internet/Excel Exercises, page 434, text
Record your findings in a Word document and submit it online
IBM has substantial operations in many countries, including the United States, Canada, and Germany. Go to finance.yahoo.com/q?s=ibm.
1. Click on Historical Prices. (Or apply this exercise to a different MNC.) Set the date range so that you can obtain quarterly values of the U.S. stock index for the last 20 quarters. Insert the quarterly data on a spreadsheet. Compute the percentage change in IBM’s stock price for each quarter. Next go to finance.yahoo.com/stock-center/ and click (under U.S.) on S&P Composite 1500 Index, which represents the U.S. stock market index, so that you can derive the quarterly percentage change in the U.S. stock index over the last 20 quarters. Then run a regression analysis with IBM’s quarterly return (percentage change in stock price) as the dependent variable and the quarterly percentage change in the U.S. stock market’s value as the independent variable. (Appendix C explains how Excel can be used to run regression analysis.) The slope coefficient serves as an estimate of the sensitivity of IBM’s value to the U.S. market returns. Also, check the fit of the relationship based on the R-squared statistic.
2. Go to finance.yahoo.com/stock-center/ and click (under “Europe”) on DAX, which represents the German stock market index. Repeat the process described in exercise 1 so that you can assess IBM’s sensitivity to the German stock market. Compare the slope coefficient between the two analyses. Is IBM’s value more sensitive to the U.S. market or the German market? Does the U.S. market or the German market explain a higher proportion of the variation in IBM’s returns (check the R-squared statistic)? Offer an explanation of your results.
Lab 5 Database Security
Use the script from week 1 for the week 5 lab.
1. Create four new users
a. The first user will have full rights to the database
b. The second user grant access to the Client’s table and allow them the rights to INSERT data into the clients table
c. The third user grant rights to create user logins and reset passwords
d. The fourth user grant column rights to the Course_Activity table allow access to the Course Code and Grade column. Allow user to UPDATE a maximum of 5 times per hour.
2. Login with each user to demonstrate the rights you have given them
a. User 1 login and create a VIEW for user 2 that just displays the Client table
b. User 2 login and add 3 more clients to the Clients table
c. User 3 login create two new users
d. User 4 login and UPDATE two new entries for Course Code and Grade Column for Client 1 and 2
e. For each user run the Show Privileges command to show correct rights and permissions have been applied
3. Show Log Files: For each user show log files (since we do not have MySQL Enterprise we cannot use the Audit function but as a substitute we can use the built-in log file function)
4. Create a Stored Procedure with User ...
Sap S4 HANA PM Online training +918660816919Senthil kumar
I am a SAP S4 HANA Plant Maintenance Lead consultant of 10 yrs of experience and Providing online training for 9 yrs.
Handling Freelancing projects in SAP S4 HANA PM
Siemens,
Catalog Thiết Bị Tự Động Siemens, Catalog Thiết Bị Tự Động
Catalog Phụ Kiện Siemens, Catalog Phụ Kiện,
Catalog Siemens, Catalog,
http://dienhathe.com,
Chi tiết các sản phẩm khác của Siemens tại https://dienhathe.com
Xem thêm các Catalog khác của Siemens tại https://dienhathe.info
Để nhận báo giá sản phẩm Siemens vui lòng gọi: 0907.764.966
Siemens,
Catalog Thiết Bị Tự Động Siemens, Catalog Thiết Bị Tự Động
Catalog Phụ Kiện Siemens, Catalog Phụ Kiện,
Catalog Siemens, Catalog,
http://dienhathe.com,
Chi tiết các sản phẩm khác của Siemens tại https://dienhathe.com
Xem thêm các Catalog khác của Siemens tại https://dienhathe.info
Để nhận báo giá sản phẩm Siemens vui lòng gọi: 0907.764.966
Show drafts
volume_up
Empowering the Data Analytics Ecosystem: A Laser Focus on Value
The data analytics ecosystem thrives when every component functions at its peak, unlocking the true potential of data. Here's a laser focus on key areas for an empowered ecosystem:
1. Democratize Access, Not Data:
Granular Access Controls: Provide users with self-service tools tailored to their specific needs, preventing data overload and misuse.
Data Catalogs: Implement robust data catalogs for easy discovery and understanding of available data sources.
2. Foster Collaboration with Clear Roles:
Data Mesh Architecture: Break down data silos by creating a distributed data ownership model with clear ownership and responsibilities.
Collaborative Workspaces: Utilize interactive platforms where data scientists, analysts, and domain experts can work seamlessly together.
3. Leverage Advanced Analytics Strategically:
AI-powered Automation: Automate repetitive tasks like data cleaning and feature engineering, freeing up data talent for higher-level analysis.
Right-Tool Selection: Strategically choose the most effective advanced analytics techniques (e.g., AI, ML) based on specific business problems.
4. Prioritize Data Quality with Automation:
Automated Data Validation: Implement automated data quality checks to identify and rectify errors at the source, minimizing downstream issues.
Data Lineage Tracking: Track the flow of data throughout the ecosystem, ensuring transparency and facilitating root cause analysis for errors.
5. Cultivate a Data-Driven Mindset:
Metrics-Driven Performance Management: Align KPIs and performance metrics with data-driven insights to ensure actionable decision making.
Data Storytelling Workshops: Equip stakeholders with the skills to translate complex data findings into compelling narratives that drive action.
Benefits of a Precise Ecosystem:
Sharpened Focus: Precise access and clear roles ensure everyone works with the most relevant data, maximizing efficiency.
Actionable Insights: Strategic analytics and automated quality checks lead to more reliable and actionable data insights.
Continuous Improvement: Data-driven performance management fosters a culture of learning and continuous improvement.
Sustainable Growth: Empowered by data, organizations can make informed decisions to drive sustainable growth and innovation.
By focusing on these precise actions, organizations can create an empowered data analytics ecosystem that delivers real value by driving data-driven decisions and maximizing the return on their data investment.
As Europe's leading economic powerhouse and the fourth-largest hashtag#economy globally, Germany stands at the forefront of innovation and industrial might. Renowned for its precision engineering and high-tech sectors, Germany's economic structure is heavily supported by a robust service industry, accounting for approximately 68% of its GDP. This economic clout and strategic geopolitical stance position Germany as a focal point in the global cyber threat landscape.
In the face of escalating global tensions, particularly those emanating from geopolitical disputes with nations like hashtag#Russia and hashtag#China, hashtag#Germany has witnessed a significant uptick in targeted cyber operations. Our analysis indicates a marked increase in hashtag#cyberattack sophistication aimed at critical infrastructure and key industrial sectors. These attacks range from ransomware campaigns to hashtag#AdvancedPersistentThreats (hashtag#APTs), threatening national security and business integrity.
🔑 Key findings include:
🔍 Increased frequency and complexity of cyber threats.
🔍 Escalation of state-sponsored and criminally motivated cyber operations.
🔍 Active dark web exchanges of malicious tools and tactics.
Our comprehensive report delves into these challenges, using a blend of open-source and proprietary data collection techniques. By monitoring activity on critical networks and analyzing attack patterns, our team provides a detailed overview of the threats facing German entities.
This report aims to equip stakeholders across public and private sectors with the knowledge to enhance their defensive strategies, reduce exposure to cyber risks, and reinforce Germany's resilience against cyber threats.
Explore our comprehensive data analysis project presentation on predicting product ad campaign performance. Learn how data-driven insights can optimize your marketing strategies and enhance campaign effectiveness. Perfect for professionals and students looking to understand the power of data analysis in advertising. for more details visit: https://bostoninstituteofanalytics.org/data-science-and-artificial-intelligence/
2. TWC RACF Training
2
Training for RACF Managers and
Backups
Presented by the Data Processing Department
of the Texas Workforce Commission
Please track this presentation on your “Slides
for TWC RACF Training” Printout
3. TWC RACF Training
3
RACF Managers and Backups are
Security Guardians
Protect Information resources from unauthorized disclosure,
modification, and destruction
Careful and consistent User Account Administration by RACF
Managers/Backups
– Management of accounts is a key component in the protection of
data, its confidentiality and integrity
– Assures proper RACF access controls and RACF maintenance
– Facilitates local access and accountability for TWC resource systems
use
4. TWC RACF Training
4
Introduction
The following brief narrative will describe the
basic concepts that drive the RACF system.
It is not necessary that you understand how
the RACF system works to maintain the
RACF system locally, but a cursory
understanding will help you to appreciate
what happens internally when you perform
some RACF activity.
5. TWC RACF Training
5
Basic RACF Concepts
RACF (Resource Access Control Facility) allows the agency to
define users who can access protected resources and relates
how users can access the protected resources.
When a user is defined to the system, RACF builds and stores
a user profile in the RACF data set. The profile contains a
description of the user for RACF including name, user ID,
owner, and other user characteristics. The local Information
Security manager who defines a new user to RACF becomes
the “owner” of the new user. An owner has the capability to
modify, list and delete the user’s responsibilities and work
assignment.
6. TWC RACF Training
6
RACF Group Managers Panel
To define users to RACF, a unique panel has been developed.
This panel is called the Group Managers Panel because it is
used by local Information Security managers to add, modify and
delete users. (Note: Groups and Resources are defined to
RACF by the RACF Administration unit).
An Information Security Manager has a special user code that
allows him or her to access the RACF Group Managers Panel
and perform certain RACF authorized activities, such as
adding, updating, or deleting a user.
7. TWC RACF Training
7
RACF Group Managers Panel
The RACF Group Managers panel is on the
Time-Share Option (TSO) system. The
manager is authorized to use the TSO
system for RACF Manager panel activities
only.
9. TWC RACF Training
9
After entering this, the system will request the Information Security
manager’s user ID (IKJ56700A ENTER USERID). This user ID will be
provided by the RACF Administration unit.
10. TWC RACF Training
10
When the manager enters his user ID (Mnnnn), the TSO/E LOG-ON
screen will appear. The manager now enters his or her password
(6 to 8 alphanumeric characters).
11. TWC RACF Training
11
After entering the password and pressing enter, the manager will receive log-
on data and any current messages addressed to his TSO user ID. When three
asterisks (***) appear on the last line, log-on to TSO is complete, and the
manager need only to depress the ENTER key to receive the RACF Managers
Menu.
13. TWC RACF Training
13
RACF Group Managers Panel
If the Information Security Manager or Backup revokes their
management ID or forgets their password, they will have to
contact the RACF Administration Unit for assistance. Only the
RACF Administration Unit can unrevoke or issue a new
temporary password for an Information Security Manager or
Backup.
Once the manager or backup have completed sign-on and are
on the RACF system, they may now perform the actions
required, or if in doubt, they can enter HELP on the COMMAND
LINE or depress the F1 key for HELP. The HELP command
will produce the RACF TUTORIAL, step-by-step instructions on
how to use the manager’s panel.
15. TWC RACF Training
15
Group Manager’s Practice Panels
A practice panel has been established for Information Security
Managers to use to sharpen their skills or gain experience without the
fear of “messing things up”. This panel is a close replica of the actual
panel an Information Security Manager will use. The panel will permit
the manager or backup to perform any of the functions he or she may
be required to perform on the actual office panel. The practice panel
will reset itself to its original condition when the manager or backup
signs off. Any changes made to the panel, whether correct or
incorrect, will be erased when the END (F3) key is depressed.
To access the manager’s practice panel the user can use a practice
manager’s ID. The practice IDs used are M9991, M9992, M9993,
M9994 or M9995. All manager practice passwords are TWC12345.
Signing on to TSO as M9991 with the password of TWC12345 will
access the manager’s practice panel. The manager’s practice panel
may be more instructive if used in conjunction with this manual.
16. TWC RACF Training
16
Manager’s Panel Sections
The Information Security Manager’s Panel is
made up of four parts: the COMMAND LINE,
the USER WORK AREA, the GROUP WORK
AREA, and the TABLE OF USERS
18. TWC RACF Training
18
Manager’s Panel Sections
Between the COMMAND LINE and the USER
WORK AREA is a line of function keys (and an
explanation of that function) that will assist the
manager in performing certain actions. A complete
listing of all function keys can be obtained by typing
“KEYS” on the command line and pressing the
ENTER key.
Below the Function key line is a heading line
describing the items appearing in the USER WORK
AREA.
23. TWC RACF Training
23
Manager’s Panel Sections
The COMMAND LINE is where the manager can
communicate instructions to the RACF system,
indicating what may be done. The command line is
indicated by the following characters.
COMMAND ===>
All commands can be entered on this line. Some
commands have a Function (F) key assigned to
them. Pressing the Function (F) key is the same as
entering that command on the COMMAND LINE.
Below the COMMAND LINE is the line of available F
keys.
24. TWC RACF Training
24
Primary Commands
Command/F Key Abbreviation Function
ADD A The information in the work area is
used to create a new user.
CLEAR C Clear the work area.
DELETE D Delete user specified in the work area.
END/F3 END Go back one level.
GET G XXX Fill in the work area with user XXX.
HELP/F1 HELP Request information.
KEYS KEYS Display F key meanings.
POINT P X Display line with primary sort field
greater than or equal to X. The
default for X is "A".
UPDATE U Update user specified in the work area.
25. TWC RACF Training
25
Secondary Commands
Command/F Key Abbreviation Function
LEFT #/F10 L # Move group area in table area left
# number of columns. The default
for # is one.
RIGHT #/F11 R # Move group area in table area
right # number of columns. The
default for # is one.
BACKWARD #/F5 B # Go back # number lines in the
group work area. The default for #
is one.
FORWARD #/F6 F # Advance # number lines in the
group work area. The default for #
is one.
26. TWC RACF Training
26
Secondary Commands
SELECT # S # 1. Select and display users who
have group characters equal to Y
as specified in the command
line parameter #. # can be up to 6
group numbers.
EXAMPLE: S 4,7,8
2. Specify (Y or N).
EXAMPLE: S N,4,11,Y,5,9
Plus selection criteria specified in
group work area.
MEANING # M # Display up to six meaning panels.
EXAMPLE: M 2,6,8
27. TWC RACF Training
27
To the right of the COMMAND LINE is the SCROLL command, which
is highlighted on the screen below.
28. TWC RACF Training
28
The space after the arrow is the SCROLL
amount entry field. This parameter indicates
how many lines of users are advanced in the
TABLE of USERS when the UP and DOWN
commands or the F7 and F8 keys are used.
29. TWC RACF Training
29
The scroll amount area is indicated by: SCROLL=== PAGE
The default as noted is PAGE. The acceptable entries in this field and their
meanings are listed below.
Command Description
MAX Scroll to the top or bottom
PAGE Scroll the number of lines
displayed
HALF Scroll half of the page
CSR Scroll to the line where the
cursor is displayed
DATA Scroll a page minus one.
1 thru 9999 Scroll this many lines
30. TWC RACF Training
30
The USER WORK AREA is the two lines directly below the F key line.
A duplication of the USER WORK AREA appears below:
31. TWC RACF Training
31
The top line of the USER WORK AREA identifies the entry fields in the line
below for all categories except the TAG. No additional area is needed for
the TAG.
Workspace Field Instruction
Password Only appears when entered by the
Manager during an ADD or UPDATE.
UID Three character user identification.
First character must be an alphabetic
character.
SSN Nine digit Social Security number of
the user.
NAME Twenty character user name, last name
first, First name and middle initial.
32. TWC RACF Training
32
GROUP Local office or department. Usually Lnnnn
(where nnnn is the local office or
department number).
TSO ACCT Nine character number for accounting
purposes, assigned by the RACF
Administration Unit.
TAG Character placed on the left of the USER in
the TABLE OF USER AREA to identify
specific users.
33. TWC RACF Training
33
Before each identifier (UID, SSN, Name, etc) there is an entry field that can be
set to:
Y Display this field as one of the fields in the TABLE OF USERS.
N Do not display this field.
S Display the TABLE OF USERS entries in ascending sequence by
this field. (i.e., S in front of SSN will arrange the list of users in
ascending SSN order.)
P Display the TABLE OF USERS entries in ascending sequence by
this field. (i.e., P in front of NAME will arrange the list of users in
alphabetic order by name). The P can be used as the primary sort
in conjunction with the S as a secondary sort.
34. TWC RACF Training
34
Group Work Area
The GROUP WORK AREA contains a list of the access groups (authority
codes into which the manager may put users. Membership in an
access group gives the user the authority to perform certain functions.
An example of a group area appears below:
__01-REVOKED __02-GROUPA __03-GROUPB __04-GROUPC
__05-GROUPD __06-GROUPE __07-GROUPF
35. TWC RACF Training
35
Associated with each access group name is a one-character
entry field represented by __ and a group number. The group
number identifies the group with a column in the TABLE OF
USERS. When a user is in the USER WORK AREA and he is
in a group, the character “Y” (yes) appears in the column; if a
user is not in a group, it is empty ( __ ).
36. TWC RACF Training
36
These groups are delegated to a manager by the RACF
Administration Unit as directed by the owner of the functions. A
full explanation of the access groups and what functions they
authorize a user to perform can be obtained by entering a “M”
in the entry field next to any group in the GROUP WORK
AREA. The initially delegated groups should include all the
office’s present needs. Additional groups will be delegated to
the manager as the need develops or groups may be requested
from RACF Administration with justification in writing. (See
HOW TO GET ADDITIONAL ACCESS GROUPS.)
37. TWC RACF Training
37
Table of Users
The TABLE OF USERS lists the operators assigned to each
office, one operator per line. Each line (by default) contains the
user id (UID), name and group membership field. The fields
can be selectively displayed, and the table can be sorted by
any of the user fields (see USER WORK AREA). Each Y in a
column of a user line indicates membership in an access group.
Each column has a group number as a heading and each group
number is identified with an access group in the GROUP
WORK AREA.
38. TWC RACF Training
38
If the list of users is longer than the screen
will accommodate, the additional users in the
list can be viewed by using the UP and
DOWN commands or the F7 and F8 keys
(see SCROLLING under PRIMARY
COMMANDS).
39. TWC RACF Training
39
Adding a User to RACF
A user can be added to the TABLE OF
USERS in the following manner:
CAUTION: Be sure to clear the WORK
AREA before adding a user. This can be
done by typing a “C” on the COMMAND line
and pressing enter.
40. TWC RACF Training
40
Work Space Instruction
COMMAND LINE Type “A” or “ADD” after the Command =>
USER WORK AREA Move the cursor to the entry field below the
PASSWORD in the USER WORK AREA
and type the user’s temporary password.
The password must be unique and 6 to 8
alphanumeric characters long. This
temporary password will be used only for initial
sign on. The user will be required to supply a
personal password good for 60 days on initial
sign on.
41. TWC RACF Training
41
Type the three-character user identification under the UID in the
USER WORK AREA.
The first character must be an alphabetic
character. If the user ID is already in use,
RACF will notify the manager with the
message “xxx ALREADY EXISTS” in the
upper right hand corner of the screen when
the data is entered. The manager must
select another UID until he is successful.
NOTE: After receiving message “UID already exists” press F1 to obtain up to
four UID alternatives created by RACF. If you do not wish to use one of the
created UIDs, just enter a new option and press “ENTER” again.
42. TWC RACF Training
42
Type the nine-digit Social Security number in the
space under SSN.
Type the user’s name, last name first, in the space
below NAME. The name can be up to 20
characters long.
(e.g. Greene, William P.)
NOTE: The name field will not accept an apostrophe. For names
such as O’Conner or O’Brien, omit the apostrophe and enter the
name as OConner and OBrien.
43. TWC RACF Training
43
GROUP WORK AREA
Type a “Y” (yes) in the entry field to the left
of every access group where membership
is desired. If an office has more than 35
access groups, the FORWARD (F) and
BACKWARD (B) Commands, or the F5
and F6 keys can be used. (See
Secondary Commands)
NOTE: The cursor can be returned to the COMMAND LINE by depressing the
HOME key.
44. TWC RACF Training
44
Updating a RACF User
Workspace Instruction
COMMAND LINE Type “G xxx” or GET xxx” after
COMMAND ===>, where xxx is the User ID of
the user to be changed.
Press ENTER. The user xxx will be placed in
the USER WORK AREA. Type “U” or
“Update” after COMMAND ===>.
USER WORK AREA Overtype any changes to be made to the user
fields: PASSWORD, SSN or NAME.
45. TWC RACF Training
45
GROUP WORK AREA Type a “Y” (yes) in the entry field to the
left of every access group where
membership is desired. Space out any
“Y” where membership is to be
removed.
Check your work and then press
ENTER. If successful, RACF will print
the message:
“USER xxx UPDATED”
in the upper right hand corner of the
panel.
NOTE: An Information Security manager cannot change his/her own or the
Backup manager’s user profile. Only the RACF Administration Unit can
update management profiles. If assistance is needed to unrevoke a
manager’s ID or obtain a temporary password, the RACF Administration
Unit should be contacted.
46. TWC RACF Training
46
Updating Multiple RACF Users
Updating multiple RACF users
simultaneously can be done by using the
“TAG” function. The TAG function is helpful
when an office has a large number of RACF
users that need to be updated.
Contact the Racf Administration Unit for more
information using the TAG function.
47. TWC RACF Training
47
Revoking/Un-revoking a RACF User
Workspace Instruction
COMMAND LINE Type “G xxx” or “Get xxx” after COMMAND ===>
where xxx is the user ID of the user to be
changed. Press ENTER.
The user xxx will be placed in the USER WORK
AREA.
Type “U” or “Update” after COMMAND ===>
GROUP WORK AREA Type a “Y” (yes) in the entry field to the left
of 01-REVOKE group when a user is to be
denied logon access. Space over the “Y”
if the user is to be unrevoked (user access to
logon restored). Check your work and then
press ENTER. If successful, RACF will
print the message “USER xxx UPDATED”
in the upper right corner of the panel.
NOTE: When un-revoking a user, the manager should also determine if the User needs a new temporary
password.
48. TWC RACF Training
48
Deleting a RACF User
Workspace Instruction
COMMAND LINE Type “G xxx” or “GET xxx” after the
COMMAND ===> where xxx is the user ID
of the user to be deleted. Press ENTER.
The user xxx will be placed in the USER
WORK AREA. Check that the user is the
correct one.
Type “D” or “Delete” after Command ===>,
then press ENTER. If successful, RACF
will print the message “USER xxx Deleted”
in the upper right corner of the panel.
49. TWC RACF Training
49
Transferring a User
If a user is being transferred to another TWC office, the UID can be transferred
by the RACF Administration Unit without the user losing their password. The
request can come from either the receiving or losing Local Security Manager.
The request should be sent to the RACF Administration Unit and must contain
the name and UID of the user being transferred along with the name of the
receiving and losing offices. The user will be transferred to the new RACF
group with all access deleted except the basic sign-on and inquiry (AC01 &
AC02). The managers will be notified when the transfer is complete and the
new manager will be advised to provide the user with the appropriate access
for the new job assignment.
50. TWC RACF Training
50
Access Groups and What They Mean
It is the manager's responsibility to understand the job assignment of
the user and what access code(s) is needed for that job. If the
manager is unsure of the user’s job assignment, the manager should
check with the user’s Supervisor. The user's access should be limited
to only the access codes needed to do the job assigned.
To access the meanings of access codes, the manager signs on to the
Information Security Managers Panel. By placing an "M" in the entry
field of the access group for which he/she desires the meaning and
then depressing the ENTER key, a list of the transactions will appear.
Returning to the manager's panel can be accomplished by using the
F3 key.
51. TWC RACF Training
51
How to get Additional Access Groups
From time to time, when additional functions are developed,
the program department that is responsible for that function will
request that the RACF Administration Unit assign an access
group. The department will inform potential users how to
access the new function. Information Security Managers will be
notified of the new access group if it is to be assigned to users
in their office. If an Information Security Manager believes that
his /her office should have an access group that it currently
does not have, he/she should make this request in writing to the
RACF Administration Unit.
52. TWC RACF Training
52
Office Openings and Closings
When a TWC Office, WDA Office, State Office Department
or other major organizational entity using TWC computer
services is opened or closed or an organizational change
is contemplated, the RACF Administration Unit should be
notified in writing. The user id's for the manager and the
backup will be created or deleted as needed. This will
prevent the disruption of computer services. The
necessary authority codes will also be granted at this time.
53. TWC RACF Training
53
RACF ACTIVITY REPORTS
Function 4 on the RACF MANAGERS MENU is the
'BROWSE RACF REPORTS FOR GROUPS function. The
RACF report documents when a user attempts sign-on with
an incorrect password, accesses an unauthorized function
or attempts to modify resources without proper authority.
This function allows the local security manager to look at
the RACF activity for the previous seven days.
Ideally, the manager should look at the reports daily, but
when time does not permit daily review, the manager
should browse the reports at least weekly.
54. TWC RACF Training
54
Accessing the RACF Reports
Access to the Reports function is on the
RACF Managers Menu. The local security
manager enters the number '4’ after SELECT
OPTION ===> and depresses the ENTER
key. The secondary screen displays a list of
reports for the previous seven days. If there
is no user activity for the group on a
particular date, the report will not be
generated.
55. TWC RACF Training
55
To view a report, position the cursor and type an ‘S’ in front of the
report which represents the day desired. The last number of the
report (1-7) represents the day of the report. (Day 1 is the previous
day’s report.)
56. TWC RACF Training
56
Headings on the RACF Report.
The RACF Report is too wide to fit on the
screen so it is viewed as two halves. The left
half identifies the circumstances surrounding
the event and the right half discusses the
event. You can move between the left and
right halves by toggling the F10 (left) and
F11 (right) keys.
59. TWC RACF Training
59
What the RACF Reports Mean
The RACF reports collect information on system sign on and access events.
Although there are numerous events that could cause a report to be produced,
there are basically seven events for which a local Information Security
Manager should be aware. All involve either sign on or access violations. The
following events should be noted:
EVENT/QUAL DESCRIPTION
1 1 The user has attempted to sign on with an invalid
password.
1 6 The user attempted to sign on with a revoked user
ID.
1 7 The user's ID is automatically revoked.
1 25 The user's current password has expired.
1 26 The user has selected an invalid new password.
2 1 The user has insufficient authority to access the
resource
60. TWC RACF Training
60
Monthly RACF Inactivity Reports
Information Security Managers receive monthly RACF reports of TWC
mainframe RACF IDs for their office/area that show IDs which have
not been used in 90 and 180 days. Employee IDs on the 180-day
report have been automatically deleted. If offices have any employees
on extended leave whose IDs should not be deleted, please contact
RACF Administration.
Information Security Managers should review the 90-day lists to
determine if any IDs need to be deleted. User IDs that have not been
used recently merit investigation to determine if they should be
deleted. To help isolate IDs for investigation, the report includes:
whether the ID is revoked and the last access date.
61. TWC RACF Training
61
RACF IDs not in CHAPS Report
Information Security Managers may also receive an additional report
that lists RACF IDs which do not correspond with employees in the
TWC Peoplesoft Human Resources personnel file. This list is a result
of a social security number crossmatch. You may find that the ID is
current, but the SSN is incorrect in RACF. If this is the case, the
Security Manager will want to correct the SSN in RACF to prevent the
ID from appearing on future reports.
Information Security Managers should keep their RACF table of users
current.
62. TWC RACF Training
62
Information Resources Usage Agreement
(IRUA also known as the “P-41”)
Signed declaration of user’s understanding, acknowledgement,
and endorsement
Required to protect the integrity of information resources on
TWC systems
– All users must sign the TWC Information Resources Usage
Agreement (IRUA or P-41) before access is given to an account
– Users of TWC systems must have a signed TWC IRUA/P-41 on
file and such agreement shall be reaffirmed annually
63. TWC RACF Training
63
Log All Work as RACF Manager
Record and Date (in Word or Excel)
New Users
– Log the new user id and requestor
Modifications
– Resets
– Changes to access privileges (such as additions,
deletions)
Deletions
– Log the user id and requestor
64. TWC RACF Training
64
RACF Manager and Backup Responsibilities
Insure consistent controls for TWC’s
information resources
Decrease potential risks associated with
information technology
65. TWC RACF Training
65
Documentation and Support
Retain the class handout as your RACF manual.
If you have questions, contact
racf.administration@twc.state.tx.us
[“RACF Administration” in the global.]
If you have access to TWC’s Intranet
– Link via “Manuals” menu, Data Processing, Manuals
– Link through the url:
http://intra.twc.state.tx.us/intranet/its/html/iris_racf_ops.html