This IBM® Redbooks® publication helps you to become familiar with the technical changes that were introduced to the security areas with IBM z/OS® V2R2.

The following chapters are included:

- Chapter 1, “RACF updates” on page 1: In this chapter, we describe the read-only auditor attribute, password security enhancements, RACDCERT (granular certificate administration), UNIX search authority, and RACF Remote sharing facility (RRSF).

- Chapter 2, “LDAP updates” on page 13: In this chapter, we describe the activity log enhancements, compatibility level upgrade without LDAP outage, dynamic group performance enhancements, and replication of password policy attributes from a read-only replica.

- Chapter 3, “PKI updates” on page 21: In this chapter, we describe the Network Authentication Service (KERBEROS) PKINIT, PKI nxm authorization, PKI OCSP enhancement, and RACDCERT (granular certificate administration)

- Chapter 4, “z/OS UNIX search and file execution authority” on page 27: z/OS UNIX search authority, z/OS UNIX file execution, Examples for exploiting the new functions

This book is one of a series of IBM Redbooks that take a modular approach to providing information about the updates that are included with z/OS V2R2. This approach has the following goals:

- Provide modular content

- Group the technical changes into a topic

- Provide a more streamlined way of finding relevant information that is based on the topic

We hope you find this approach useful and we welcome your feedback.

Chapter 1. RACF updates

Chapter 2. LDAP updates

Chapter 3. PKI updates

Chapter 4. z/OS UNIX search and file execution authority