Synchronize Jazz-groups with RACF groups
Hi,
In RACF I've created a group JAZZUSER. My Jazz-server uses the LDAP-SDBM to connect with RACF. JazzUsers is connected to JAZZUSER.
Initially the Jazz-server syncronizes with the RACF-group. All users in this group are imported in the Jazz-userdatabase and have the JazzUsers authorization which is ok. But when we change something in the RACF-group, I would expect the JazzUsers on the server to change with that. Adding an user on RACF-JAZZUSER works fine but when I delete an user from RACF-JAZZUSER, I would want to see this user archived(when it is not in another Jazz-group). Or better, an user that doesn't exist in RACF anymore, should not exist in the Jazz-userdatabase in my opinion. Now I only see the JazzUsers auth. disappear.
I solved this now by exporting all users to a .csv-file with repotools-jts exportUsers. This file I can edit and import it. Problem with that is when an user no longer exist in RACF, repotools can't export it, so I need to add these users manually to the .csv.
Is there a better way than doing this manually?
For security reasons I would like to be able to completely delete archived users. Would this be possible?