
Mainframe – What is a Universal RACF group?

April 29, 2022

What is a Universal RACF group?

  • It is a RACF group that does not have the 6000-user membership limit. There is no limit to the number of users with ‘use’ authority that can be connected to this type of group.

Why is there no membership limit?

  • The RACF member profile for groups is restricted to 6000 members. Universal groups store only the users with authority above ‘use’ (connect, join, etc.) in the member profile. The remaining ‘use’ authority users are stored outside of the member profile, where there is no member limit.

The storing of users outside of the member profile means what to the SSA?

  • Since complete membership information is not stored in their member profiles, a normal list group (LG) command does not list all the members. Performing an (LG) command will only return members with more than ‘use’ authority. Note: Doing an (LU) on an individual user will show the ‘Universal group’ in their access list.

How would an SSA see the entire user member list?

  • Any tool that uses the Vanguard DB2 table – USER_GROUP_CONNECT – will return all member information.
  • Webi reporting tool (users connected to a group report) returns all users, including those with use authority. 
  • SECOR – An enhancement has been made to allow a group membership report.  Any group that has over 1,000 members
  • Vanguard release connect summary 3.xx reporting option will also return all members in the access list.
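
The gap between LG output and the full member list, worked through as an added example (not part of the original post): it parses LG output, detects the universal flag, and reports which connected users LG left out. The LG text layout, the group and user names, and the (user, group, authority) rows standing in for a full connect report are constructed assumptions.

```python
import re

# Constructed sample modelled on LISTGRP (LG) output; the layout is an assumption.
LG_OUTPUT = """\
INFORMATION FOR GROUP PAYROLL
    SUPERIOR GROUP=SYS1         OWNER=SECADM    CREATED=22.119
    TERMUACC
    UNIVERSAL
    NO SUBGROUPS
    USER(S)=      ACCESS=      ACCESS COUNT=      UNIVERSAL ACCESS=
      SECADM        JOIN          000012               NONE
         CONNECT ATTRIBUTES=NONE
         REVOKE DATE=NONE                 RESUME DATE=NONE
      HELPDSK       CONNECT       000003               NONE
         CONNECT ATTRIBUTES=NONE
         REVOKE DATE=NONE                 RESUME DATE=NONE
"""

# Constructed (user, group, authority) rows standing in for a full connect
# report; the tuple layout is an assumption, not a real table schema.
FULL_CONNECTS = [
    ("SECADM", "PAYROLL", "JOIN"), ("HELPDSK", "PAYROLL", "CONNECT"),
    ("USER001", "PAYROLL", "USE"), ("USER002", "PAYROLL", "USE"),
    ("USER003", "OTHERGRP", "USE"),
]

# A member line is: userid, group authority, access count, universal access.
MEMBER_RE = re.compile(r"^\s+(\S{1,8})\s+(USE|CREATE|CONNECT|JOIN)\s+\d+\s+\S+\s*$")

def parse_lg(text):
    """Return (group, is_universal, {user: authority}) from LG output."""
    lines = text.splitlines()
    group = lines[0].split()[-1]
    universal = any(line.strip() == "UNIVERSAL" for line in lines)
    hits = (MEMBER_RE.match(line) for line in lines)
    members = {m.group(1): m.group(2) for m in hits if m}
    return group, universal, members

def reconcile(lg_text, connects):
    """Compare LG output with the full connect list for the same group."""
    group, universal, listed = parse_lg(lg_text)
    full = {user: auth for user, grp, auth in connects if grp == group}
    missing = sorted(user for user in full if user not in listed)
    return {"group": group, "universal": universal,
            "listed": sorted(listed), "missing_from_lg": missing,
            "missing_auths": sorted({full[u] for u in missing})}

if __name__ == "__main__":
    print(reconcile(LG_OUTPUT, FULL_CONNECTS))
```

For an access review, a non-empty `missing_from_lg` on a group flagged universal means the LG listing alone cannot be used as the membership record.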