There is an open-source tool known as RACFADM that was created by systems programmers who work with RACF for systems programmers who work with RACF. This tool is a full ISPF dialog written in z/OS REXX. You can get it from https://github.com/lbdyck/racfadm or from https://cbttape.org - check the updates page for the latest. 

The main ISPF Tutorial page provides more information.

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

Hi Lionel Dyck,

Enhanced RACF Admin Efficiency & Control = f(UFI, STS, AC, C) / C_RACF

• Enhanced RACF Admin Efficiency & Control: The desired outcome – making RACF administration better.

• f: "is a function of" or "is achieved through"

• UFI: User-Friendly Interface (menu-driven, interactive modification, single scrollable display).

• STS: Simplified Task Set (listing profiles, connecting groups, adding permissions, user auth searching, displaying auth source).

• AC: Automation Capabilities (automating creation of aliases/datasets).

• C: Customizability (written in Rexx, tailor $STUB).

• C_RACF: The inherent Complexity of Native RACF (the problem being addressed). The denominator implies RACFADM reduces or mitigates this complexity.

(Complexity of Native RACF) + [RACFADM offering (User-Friendly Interface + Simplified Common Tasks + Automation + Customization)] → More Efficient, Simpler, and Controlled RACF Security Management

Essentially, RACFADM acts as an "enhancement layer" or a "productivity toolkit" on top of the standard RACF system, aiming to make the life of a RACF security administrator easier, faster, and less error-prone.

Good luck!

SUMAN

------------------------------
Suman Suhag
Dev Bhoomi Uttarakhand University
Data Science Student
+91 8950196825 [Jhajjar, Haryana, India]
------------------------------

Original Message:
Sent: Wed May 14, 2025 09:05 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

There is an open-source tool known as RACFADM that was created by systems programmers who work with RACF for systems programmers who work with RACF. This tool is a full ISPF dialog written in z/OS REXX. You can get it from https://github.com/lbdyck/racfadm or from https://cbttape.org - check the updates page for the latest. 

The main ISPF Tutorial page provides more information.

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

Hello Lionel.

Thank you for this RACFADM tool. Is there a way to download the entire dataset from Github? Like in TSO XMIT format or do we have to download each member one by one?

------------------------------
Daniel Hamiel
------------------------------

Original Message:
Sent: Wed May 14, 2025 09:05 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

There is an open-source tool known as RACFADM that was created by systems programmers who work with RACF for systems programmers who work with RACF. This tool is a full ISPF dialog written in z/OS REXX. You can get it from https://github.com/lbdyck/racfadm or from https://cbttape.org - check the updates page for the latest. 

The main ISPF Tutorial page provides more information.

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

The easy way is to use git to clone the repository to your system.  If you don't have git on your z/OS system then check out IBM's Open Enterprise Foundation (OEF) which is free and included with z/OS 2.5 and 3.1 (and soon 3.2) that includes git, or get git from the https://github.com/zopencommunity.

If you are unable to use git then you can download directly from the CBTTape website using this url: https://cbttape.org/ftp/updates/CBT417.zip

hope this helps

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

Original Message:
Sent: Fri May 16, 2025 05:22 AM
From: Daniel Hamiel
Subject: Simplified RACF Administration

Hello Lionel.

Thank you for this RACFADM tool. Is there a way to download the entire dataset from Github? Like in TSO XMIT format or do we have to download each member one by one?

------------------------------
Daniel Hamiel

Original Message:
Sent: Wed May 14, 2025 09:05 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

There is an open-source tool known as RACFADM that was created by systems programmers who work with RACF for systems programmers who work with RACF. This tool is a full ISPF dialog written in z/OS REXX. You can get it from https://github.com/lbdyck/racfadm or from https://cbttape.org - check the updates page for the latest. 

The main ISPF Tutorial page provides more information.

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

Yet another update thanks to John Kalinich 

get it at https://github.com/lbdyck/racfadm and soon https://cbttape.org in file 417

17 Jul 2025 - V40R2                                                
   - Tutorial (Option T)                                           
     -- Updated panel #RACLINE to document Digital certificate     
        line commands                                              
   - User Profiles (Option 1)                                      
     -- Updated RACFUSR to add LEFT/RIGHT primary commands to      
        allow scrolling of tablea                                  
   - Generate profile source (Option G)                            
     -- Updated RACFGEN exec to use LRECL=300 if general resource  
        profile names are greater than 52 in length.  If so,       
        use RACRUN.                                                
     -- Added RACFGENA exec to generate profile source for ALL     
        "active" resource profiles if ALL is entered as the class  
        on the input panel.                                        
     -- Added #RACGENA tutorial panel.                             
   - Other Items                                                   
     -- Updated exec RACFPROF to print header line correctly       
        when processing a long profile name.                       

17 Jul 2025 - V40R2                                                
   - Tutorial (Option T)                                           
     -- Updated panel #RACLINE to document Digital certificate     
        line commands                                              
   - User Profiles (Option 1)                                      
     -- Updated RACFUSR to add LEFT/RIGHT primary commands to      
        allow scrolling of tablea                                  
   - Generate profile source (Option G)                            
     -- Updated RACFGEN exec to use LRECL=300 if general resource  
        profile names are greater than 52 in length.  If so,       
        use RACRUN.                                                
     -- Added RACFGENA exec to generate profile source for ALL     
        "active" resource profiles if ALL is entered as the class  
        on the input panel.                                        
     -- Added #RACGENA tutorial panel.                             
   - Other Items                                                   
     -- Updated exec RACFPROF to print header line correctly       
        when processing a long profile name.                       

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

Original Message:
Sent: Fri May 16, 2025 08:53 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

The easy way is to use git to clone the repository to your system.  If you don't have git on your z/OS system then check out IBM's Open Enterprise Foundation (OEF) which is free and included with z/OS 2.5 and 3.1 (and soon 3.2) that includes git, or get git from the https://github.com/zopencommunity.

If you are unable to use git then you can download directly from the CBTTape website using this url: https://cbttape.org/ftp/updates/CBT417.zip

hope this helps

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired

Original Message:
Sent: Fri May 16, 2025 05:22 AM
From: Daniel Hamiel
Subject: Simplified RACF Administration

Hello Lionel.

Thank you for this RACFADM tool. Is there a way to download the entire dataset from Github? Like in TSO XMIT format or do we have to download each member one by one?

------------------------------
Daniel Hamiel

Original Message:
Sent: Wed May 14, 2025 09:05 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

There is an open-source tool known as RACFADM that was created by systems programmers who work with RACF for systems programmers who work with RACF. This tool is a full ISPF dialog written in z/OS REXX. You can get it from https://github.com/lbdyck/racfadm or from https://cbttape.org - check the updates page for the latest. 

The main ISPF Tutorial page provides more information.

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

yet another update

   - Certs (Option CA)                                                  
     -- Added RACFVUE exec to run VUECERTS (Charles Mills)              
     -- Added RACFVUEC panel to prompt for VUECERTS parameters:         
          CMDS  - to generate RACDCERT LIST commands for diagnosing     
                  certificate issues                                    
          VERB  - to display IRRSEQ00 call parameters and profiles      
          INDEX - to generate a list of all Digital Certificates        
          USERS - to generate a list of users with Personal             
                  Certificates with counts                              
          RINGS - to display Keyrings and their Certificates            
          blank - to list *ALL* Digital Certificates along with an      
                  extensive analysis                                    
     -- Added #RACVUEC tutorial panel                                   
     -- Updated RACFCERT to add VUE and PERS primary commands           
        which run VUECERTS (Charles Mills)                              
     -- Updated RACFCERT to change "State" field name to "Cond"         
     -- Updated RACFCERT to add CHECK primary command                   
     -- Added RACFVMAC Edit macro to position to Keyrings in            
        VUECERTS output                                                 
   - Tutorial (Option T)                                                
     -- Updated panel #RACMENU                                          
     -- Created help panel #RACVUEP to document VUECERTS RACF           
         permissions                                                   
    - Other Items                                                      
      -- Updated $STUB and RACFADM execs to add an ISPLLIB LIBDEF      
         for hlq.RACFADM.LOADLIB                                       
    - User Profiles (Option 1)                                         
      -- Updated RACFUSR to add Fast List processing (Mark Wilson)     
      -- Updated panels RACFUSR1 and #RACUSR2                          
      -- Updated RACFUSR to add CLONE primary command                  
      -- Added RACFCOPI exec to clone userids in table                 
    - Group Profiles (Option 2)                                        
      -- Updated RACFGRP to add Fast List processing (Mark Wilson)     
      -- Updated panels RACFGRP1 and #RACGRP8                          
      -- Updated RACFGRP to add CLONE primary command                  
      -- Added RACFCOPG exec to clone groups in table                  
    - Dataset Profiles (Option 3)                                      
      -- Updated RACFDSN to add Fast List processing (Mark Wilson)     
      -- Updated panels RACFDSN1 and #RACDSN2                          
      -- Updated RACFDSN to add CLONE primary command                  
      -- Added RACFCOPD exec to clone datasets in table                
    - General resources (Option 4)                                     
      -- Updated RACFCLSG to add Fast List processing (Mark Wilson)        
      -- Updated panels RACFCLS1 and #RACCLS2                              
      -- Updated RACFCLSG to add CLONE primary command                     
      -- Added RACFCOPC exec to clone resources in table                   

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

Original Message:
Sent: Thu July 17, 2025 03:03 PM
From: Lionel Dyck
Subject: Simplified RACF Administration

Yet another update thanks to John Kalinich 

get it at https://github.com/lbdyck/racfadm and soon https://cbttape.org in file 417

17 Jul 2025 - V40R2                                                
   - Tutorial (Option T)                                           
     -- Updated panel #RACLINE to document Digital certificate     
        line commands                                              
   - User Profiles (Option 1)                                      
     -- Updated RACFUSR to add LEFT/RIGHT primary commands to      
        allow scrolling of tablea                                  
   - Generate profile source (Option G)                            
     -- Updated RACFGEN exec to use LRECL=300 if general resource  
        profile names are greater than 52 in length.  If so,       
        use RACRUN.                                                
     -- Added RACFGENA exec to generate profile source for ALL     
        "active" resource profiles if ALL is entered as the class  
        on the input panel.                                        
     -- Added #RACGENA tutorial panel.                             
   - Other Items                                                   
     -- Updated exec RACFPROF to print header line correctly       
        when processing a long profile name.                       

17 Jul 2025 - V40R2                                                
   - Tutorial (Option T)                                           
     -- Updated panel #RACLINE to document Digital certificate     
        line commands                                              
   - User Profiles (Option 1)                                      
     -- Updated RACFUSR to add LEFT/RIGHT primary commands to      
        allow scrolling of tablea                                  
   - Generate profile source (Option G)                            
     -- Updated RACFGEN exec to use LRECL=300 if general resource  
        profile names are greater than 52 in length.  If so,       
        use RACRUN.                                                
     -- Added RACFGENA exec to generate profile source for ALL     
        "active" resource profiles if ALL is entered as the class  
        on the input panel.                                        
     -- Added #RACGENA tutorial panel.                             
   - Other Items                                                   
     -- Updated exec RACFPROF to print header line correctly       
        when processing a long profile name.                       

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired

Original Message:
Sent: Fri May 16, 2025 08:53 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

The easy way is to use git to clone the repository to your system.  If you don't have git on your z/OS system then check out IBM's Open Enterprise Foundation (OEF) which is free and included with z/OS 2.5 and 3.1 (and soon 3.2) that includes git, or get git from the https://github.com/zopencommunity.

If you are unable to use git then you can download directly from the CBTTape website using this url: https://cbttape.org/ftp/updates/CBT417.zip

hope this helps

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired

Original Message:
Sent: Fri May 16, 2025 05:22 AM
From: Daniel Hamiel
Subject: Simplified RACF Administration

Hello Lionel.

Thank you for this RACFADM tool. Is there a way to download the entire dataset from Github? Like in TSO XMIT format or do we have to download each member one by one?

------------------------------
Daniel Hamiel

Original Message:
Sent: Wed May 14, 2025 09:05 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

There is an open-source tool known as RACFADM that was created by systems programmers who work with RACF for systems programmers who work with RACF. This tool is a full ISPF dialog written in z/OS REXX. You can get it from https://github.com/lbdyck/racfadm or from https://cbttape.org - check the updates page for the latest. 

The main ISPF Tutorial page provides more information.

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

New update - https://github.com/lbdyck/racfadm and within 48 hours at https://cbttape.org/updates.htm

01 Feb 2026 - V40R7                                                      
   - User Profiles (Option 1)                                            
     -- Updated RACFCOPI exec to generate PERMITs                        
   - Dataset Profiles (Option 3)                                         
     -- Updated RACFDSN2 skeleton to show complete DSN                   
   - General resources (Option 4)                                        
     -- Updated RACFCLSR to add primary command ADD class to table       
     -- Updated RACFCLSR to issue SETR WHEN(PROGRAM) REFRESH             
        when refreshing the PROGRAM class                                
     -- Updated tutorial panel #RACCLSR                                  
   - Certs (Option CA)                                                   
     -- Added RACRINGS exec to list all digital rings                    
     -- Updated RACFCERT exec to add RINGS primary command               
     -- Updated RACFCERT exec to add line commands M - LISTMAP           
        and R - Keyring dialog for Personal certificates                 
     -- Updated LC edit macro to list CERTAUTH/SITE certificates         

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------

Original Message:
Sent: Wed May 14, 2025 09:05 AM
From: Lionel Dyck
Subject: Simplified RACF Administration

There is an open-source tool known as RACFADM that was created by systems programmers who work with RACF for systems programmers who work with RACF. This tool is a full ISPF dialog written in z/OS REXX. You can get it from https://github.com/lbdyck/racfadm or from https://cbttape.org - check the updates page for the latest. 

The main ISPF Tutorial page provides more information.

------------------------------
Lionel Dyck - IBM System Z Champion
System Z Open-Source Advocate
Retired
------------------------------