Sidchg Key Direct

1. Definition & Purpose The sidchg (Session ID Change) key is an attribute that can be specified on a RACF user profile (or similar mainframe security product). When activated, it allows a user to change their own session ID (also known as the ACEE — Accessor Environment Element — or terminal session identifier) without requiring a full re-authentication (re-login).

ALTUSER BATCHSVC SIDCHG Then in batch JCL or REXX: sidchg key

ADDUSER userid ... SIDCHG | Aspect | Without sidchg | With sidchg | |--------|----------------|---------------| | Session ID change | Requires password/passphrase | Allowed without re-authentication | | Suitability | General users, high-security accounts | Trusted processes, service accounts, automation | | Risk | Lower risk of unauthorized context switching | Higher risk if user ID is compromised | ALTUSER BATCHSVC SIDCHG Then in batch JCL or

ALTUSER userid NOSIDCHG It can also be specified during initial user creation: high-security accounts | Trusted processes

ALTUSER userid SIDCHG To remove it: