How to activate and configure the SAF user registry
Activate the System Authorization Facility (SAF) user registry and configure it to use
z/OS® authorized services.
Before you begin
- You should be familiar with the following topics:
- API provider authentication and identification when IBM z/OS Connect is acting as an API provider.
- API requester authentication and identification when IBM z/OS Connect is acting as an API requester.
- You must have write access to the server.xml configuration file.
About this task
By default, the SAF user registry uses unauthorized UNIX System Services services such as
__passwd
to perform authentication. For better performance, you can configure the
SAF user registry to use authorized services such as initACEE
to perform
authentication by configuring the SAFCRED
resources.