Effective RACF Administration - BE87G

Effective RACF Administration - BE87G


This intermediate course is for people who are new to the RACF component of the z/OS Security Server, and responsible for security administration. This includes people who are planning to implement RACF for the first time, and people who are security administrators in installations where RACF is already implemented.



  • You should be familiar with the facilities of the system, logging on to TSO and using ISPF.
  • A knowledge of resources like data sets, DASD volumes, and programs is required to get the maximum benefit from this course.

This knowledge can be obtained by attending Fundamental System Skills in z/OS - ES10G.

Alternatively, consider taking Basics of z/OS RACF Administration - ES19G instead of this Effective RACF Administration course. Basics of z/OS RACF Administration spends the first day covering these prerequisites and provides a more basic understanding of RACF.



5 days.

Course Objectives

This course prepares you to be a more effective security administrator as you gain experience and confidence in using the RACF component of the z/OS Security Server. To reinforce lectures, the course offers hands-on exercises where you use the RACF component of the z/OS Security Server to define users, set up group structures, define general resources, protect z/OS data sets, and use several RACF utilities.

  • Identify the security requirements of a system
  • Evaluate the facilities and options of RACF
  • Define users to RACF
  • Set up a RACF group structure
  • Use RACF to protect resources
  • Select options to tailor RACF
  • Evaluate and implement RACF database and performance options
  • Identify tools available for auditing
  • Administer the system so that it is consistent with the installation's security goals

Course Content

Day 1
Unit 1 - Security and RACF overview
Unit 2 - Administering groups and users
Lab 1, 2, and 3 - Log on to the lab system, Defining a RACF group structure, and User administration

Day 2
Lab review
Unit 2 - Administering groups and users (cont.)
Lab 4 - Delegating security administration
Unit 3 - Protecting z/OS data sets
Lab 5 - Protecting z/OS data sets: Part 1

Day 3
Unit 3 - Protecting z/OS data sets (cont.)
Lab 6 - Protecting z/OS data sets: Part 2
Lab review
Unit 4 - Introduction to user administration and delegation and general resources
Lab 7 - Password reset granularity
Unit 5 - RACF database, tables, and performance options

Day 4
Unit 6 - RACF utilities and exits
Unit 7 - RACF options
Unit 8 - Auditing the RACF environment
Lab 8 or Lab 9 or Lab 10

Day 5
Lab review
Unit 9 - Storage management and RACF
Unit 10 - Security for JES facilities
Unit 11 - Security classification

Public Courses

On-Site Courses

Can't attend one of our public classes? Booking for multiple people?

All our courses are available on your site! Delivered for your staff, at your premises.

Contact us to find out more...