CA Datacom RC 15 (139) RACF External Security Violation

book

Article ID: 110267

calendar_today

Updated On:

Products

CA Datacom - DB CA Datacom CA Datacom - AD CA Datacom - Server CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware

Issue/Introduction

CA Datacom using RACF external security getting return code 15 (139) security violation even though all the RACF security rules are defined.
In Dataquery getting error DQ804E - YOU ARE NOT AUTHORIZED TO ACCESS THIS TABLE   

Environment

z/OS and RACF security

Resolution

With RACF, the class names are translated to have a @ in the 3rd position. So for example, class DTTABLE becomes [email protected]  This is done in CA Common Services (CCS) component CAISSF (Standard Security Facility) .

For CCS Version 14.1 and above this is done in the CAS9 startup JCL with a CAIRACF DD statement. 

​//CAIRACF DD DISP=SHR,DSN=CAI.CAW0OPTN(RACFLIST)

For CCS releases prior to 14.1, the CAS9SAFC source needs to be modified and then reassembled and linked.

Additional Information

See DocOps section Modify RACF Class Table Entries If Required