Skip Headers
Oracle® Identity Manager Connector Guide for IBM RACF Advanced
Release 9.0.4

Part Number E10451-20
Go to Documentation Home
Go to Book List
Book List
Go to Table of Contents
Go to Index
Go to Feedback page
Contact Us

Go to previous page
Go to next page
PDF · Mobi · ePub

A APF-Authorized Libraries

APF means "Authorized Program Facility". In a z/OS environment, APF is a facility that permits the identification of programs that are authorized to use restricted functions. APF-authorized programs must reside in one of the following authorized libraries:

Authorized libraries are defined in an APF list, or in the link pack area (LPA). Any module in the LPA (pageable, modified, fixed, or dynamic) will be treated by the system as though it came from an APF-authorized library. The installation must ensure that it has properly protected SYS1.LPALIB and any other library that contributes modules to the link pack area to avoid system security and integrity exposures, just as it would protect any APF-authorized library.

APF also prevents authorized programs (supervisor state, APF-authorized, PSW key 0-7) from accessing a load module that is not in an APF-authorized library.

To find the datasets that have been APF authorized:

  1. Type TSO ISRDDN in your ISPF session (some shops need just ISRDDN with no TSO prefix) and hit enter.

  2. Type APF and hit enter. It'll bring up a list of all datasets that are APF authorized.

    Remember that, if you like to use an APF authorized dataset in a job STEPLIB, make sure all the datasets in the STEPLIB are APF authorized.

    Surrounding text describes apf_a.gif.
    Surrounding text describes apf_au.gif.
    Surrounding text describes apf_auth.gif.