This IBM® Redbooks® publication explores various implementations of z/OS® Identity Propagation where the distributed identity of an end user is passed to z/OS and used to map to a RACF® user ID, and any related events in the audit trail from RACF show both RACF and distributed identities.

This book describes the concept of identity propagation and how it can address the end-to end accountability issue of many customers. It describes, at a high level, what identity propagation is, and why it is important to us. It shows a conceptual view of the key elements necessary to accomplish this.

This book provides details on the RACMAP function, filter management and how to use the SMF records to provide an audit trail. In depth coverage is provided about the internal implementation of identity propagation, such as providing information about available callable services.

This book examines the current exploiters of z/OS Identity Propagation and provide several detailed examples covering CICS® with CICS Transaction Gateway, DB2®, and CICS Web services with Datapower.

Chapter 1. Introduction

Chapter 2. RACF and z/OS Identity Propagation

Chapter 3. z/OS Identity Propagation exploiters

Chapter 4. RACMAP function

Chapter 5. Filter management

Chapter 6. Using SMF audit information to report on z/OS Identity Propagation

Chapter 7. Internal z/OS data structures impacted by identity propagation

Chapter 8. Identity propagation with CICS and CICS Transaction Gateway

Chapter 9. Identity propagation with DB2 for z/OS

Chapter 10. Identity propagation using CICS Web services