Overview
This interface is a unidirectional download interface to bring data from RACF to Sage, using the IRRDBU00 unloads utility. The upload shall consist of JCL batch commands based on the Sage Differences format.
The main input to the RCM RACF Interface requires a download from RACF using the IRRDBU00 unload utility. This text file should then be segmented according to various line types, each representing a different type of entity and/or connections, per the following semantic mapping.
The import utility has 2 main modes of import:
1. Import RACF groups as roles.
This option treats RACF as a “role base system” and imports all the RACF groups as roles and all the “Data Sets”, “Transactions” etc.. as resources. This mode allows the customer to analyze the existing groups in RACF and run thorough cleanup of the RACF system.
2. Import RACF groups as resources
This mode allows importing only the RACF accounts and their groups memberships. This mode is used for business role modeling.
Import process
There is also a possibility to add enriching data about users attributes. The output of the converter is a Sage configuration, with RACF groups appearing as Sage roles, and with RACF profiles as Sage resources.
In the Figure below, the first section corresponds to the output Sage configuration. The second section enumerates the RACF IRRDBU00 files. If all lines appear in same file, it is possible to input the same file name in each input. However, for performance reasons, it is better to separate the line types into separate files. Finally, the third section provides the (optional) name of a supplementary HR file, with one line per each user that one wishes to enrich.
Semantic Mapping
| RACF Unload File | Sage Configuration |
| Users (0200 Lines) | Sage Users: SAUserID |
| Groups (0100 Lines) | Sage Roles: Role Name |
| 0400 Lines – Data set basic data | Sage Resources: Profile+ Access+ "DataSet" |
| 0500 Lines – General resource basic data | Sage Resources: Profile+ Access+ Class |
| 0203 Lines | User-Role connection |
| 0404 | User/Role-Resource connections for Data Sets |
| 0505 | User/Role-Resource connections for General Resources |
| HR File | Other Sage Users attributes. |
Sage also creates one additional special role, called UACC, that models the default access modes for datasets and general resources.
