IBM "Application discovery" is performing API EXTRACT action from Endevor inventory, the C1ACTNS performed is RETRIEVE while it should be DISPLAY. I have given access SAFAUTH=READ to IBM "Application discovery" and ESI is rejecting the action since RETRIEVE is performed. What's security level access is really required ? The BC1TNEQU is defined as follows (Sample): FUNCEQU SAFAUTH=READ, C1ACTNS=(DISPLAY) FUNCEQU SAFAUTH=UPDATE, C1ACTNS=(ADD,UPDATE,GENERATE,SIGNOVR,MOVE, RETRIEVE,SIGNIN) FUNCEQU SAFAUTH=CONTROL, C1ACTNS=(ARCHIVE,DELETE) FUNCEQU SAFAUTH=ALTER, C1ACTNS=(ENVRNMGR)
IBM "Application discovery" needs C1ACTNS=DISPLAY to run Endevor API EXTRACT. This is a bug in IBM "AD Connector" and corrective PTF UI57078 needs to be applied in order to have IBM "Application discovery" running with Endevor SAFAUTH=READ.