CA Datacom RC 15 (139) RACF External Security Violation

book

Article ID: 110267

calendar_today

Updated On:

Products

Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware

Issue/Introduction

CA Datacom using RACF external security getting return code 15 (139) security violation even though all the RACF security rules are defined.
In Dataquery getting error DQ804E - YOU ARE NOT AUTHORIZED TO ACCESS THIS TABLE   

Environment

z/OS and RACF security

Resolution

With RACF, the class names are translated to have a @ in the 3rd position. So for example, class DTTABLE becomes [email protected]  This is done in CA Common Services (CCS) component CAISSF (Standard Security Facility) .

For CCS Version 14.1 and above this is done in the CAS9 startup JCL with a CAIRACF DD statement. 

​//CAIRACF DD DISP=SHR,DSN=CAI.CAW0OPTN(RACFLIST)

For CCS releases prior to 14.1, the CAS9SAFC source needs to be modified and then reassembled and linked.

Additional Information

See DocOps section Modify RACF Class Table Entries If Required