Suppressing automatic security updates

msys for Setup assumes that you are using RACF as the security product that protects your systems. In response to security related configuration requirements by service customizations, for example the requirement that a particular user must exist, it generates update requests against RACF.

If you do not use RACF or your organization's regulations do not permit security related updates to be made through msys for Setup, you must prevent msys for Setup from performing configuration changes in response to RACF update requests. Instead you can make msys for Setup report on the necessary changes and perform them outside msys for Setup. You do this by setting the "RACFSecurity - authorizations" policy accordingly.

If you do use RACF you can also use this policy to limit the scope of what msys for Setup can do to creating but not deleting objects, such as users.

Before you begin:

You must be authorized for the RACF service to be able to set the RACF policy.

Related information: