EDC5163I SAF/RACF extract error. User ID revoked ?
Article ID: 103448
CA Top Secret
CA Top Secret - LDAP
We occasionally see security failures in the UC4 MVS agent that show message 'EDC5163I SAF/RACF extract error". The TSS OE report shows a corresponding entry of 'User ID is revoked'.
SERVICE USERID GROUP UID GID SAF RC RSN
DATE TIME JOBNAME SOURCE SYSID CPU SECLABEL
initACEE UC4RUN OMVSDGRP 16 999 8 8 28
06/26/18 18.177 9.06.52 UC4RUN AIS1
Failed - User ID is revoked
Function: Create Attribute flags: CC800000
Userid: UC4PRD Applid: OMVSAPPL
Password: YES Passphrase: NO Certificate: NO ACEE Addr: NO
We do not see any TSSxxxxx messages in the job or system log and the Userid doesn't show that it's suspended.
These seem to be random and cannot be recreated on demand. Any idea why?
TSSUTIL shows signon failures with DRC 14 (User already signed on). This means the FACILiTY doesnt allows the user to be signed on more than once with the FACILTY.
The FTP software runs multiple FTP jobs for same user causing multiple concurrent signons of user.
FTP FACILITY is setup with SIGN(S) which doesnt allow concurrent signons..
Need to set to SIGN(M).