Create Profile Provisioning Policy Attributes
When SailPoint provisions new accounts to a ACF2 source, it uses attributes on the Create Profile page as instructions. It can be a template to decide which attributes to include for adding an Account. This page is also referred to as the provisioning policy.
Important
This section describes the configuration of the Create Profile section. However, SailPoint recommends that you work with Services to define a Create Profile specific to your company's requirement.
The following generators create the required information while creating a ACF2 account which can be edited:
|
Account Attribute |
Generator |
Description |
|---|---|---|
|
USER_ID |
Generator (Create Unique Account ID) |
The User ID as taken from the profile name. |
|
password |
Generator |
The password for ACF2. |
|
CICS.OPIDENT |
Disable |
Operator identification for use by BMS (basic mapping support) in CICS segment. This identification for each operator, is 1 to 3 characters long. |
|
CICS.TIMEOUT |
Disable |
Time, in hours and minutes, that the operator is allowed to be idle before being signed off CICS segment. |
|
CICS.XRFSOFF |
Disable |
(FORCE) means that the user is signed off by CICS when an XRF (extended recovery facility) takeover occurs in CICS segment. |
|
TSO.ACCTNUM |
Disable |
Default TSO account number when logging on to TSO segment. |
|
TSO.COMMAND |
Disable |
Command run during TSO logon. |
|
TSO.DEST |
Disable |
Default destination to which the system routes dynamically-allocated SYSOUT data sets in TSO segment. |
|
TSO.HOLDCLASS |
Disable |
Default hold class for a user in TSO segment. |
|
TSO.JOBCLASS |
Disable |
Default job class for a user in TSO segment. |
|
TSO.MAZSIZE |
Dsiable |
Maximum region size a user can request at logon to TSO segment. |
|
TSO.MSGCLASS |
Disable |
Default message class for a user in TSO segment. |
|
TSO.PROC |
Disable |
Default logon procedure name when logging on through TSO logon panel. |
|
TSO.SECLABEL |
Disable |
Security label entered or used during TSO logon. |
|
TSO.SIZE |
Disable |
Default or requested region size during TSO logon - TSO segment. |
|
TSO.SYSOUTCLASS |
Disable |
Default system out class. |
|
TSO.UNIT |
Disable |
Default name of a device or group of devices that a procedure uses for allocations in TSO segment. |
|
TSO.USERDATA |
Disable |
Optional installation data defined for a user. |
|
OMVS.CPUTIMEMAX |
Disable |
OMVS.CPUTIMEMAX. |
|
OMVS.FILEPROCMAX |
Disable |
Maximum number of files a user is allowed to have concurrently active or open - OMVS segment. |
|
OMVS.HOME |
Disable |
OMVS initial directory path name. |
|
OMVS.MMAPAREAMAX |
Disable |
Maximum amount of data space storage, in pages, that can be allocated by a user for memory mappings of OMVS files - OMVS segment. |
|
OMVS.PROCUSERMAX |
Disable |
Maximum number of processes a user is allowed to have active at the same time, regardless of how the process became OMVS process. |
|
OMVS.PROGRAM |
Disable |
First program started when TSO command OMVS is entered or when a batch job is started using the BPXBATCH program. |
|
OMVS.THREADSMAX |
Disable |
Maximum number of pthread_create threads, including those running, queued, and exited but not detached, that a user can have concurrently active. |
|
OMVS.UID |
Disable |
User identification in OMVS segment. |