In the RHDCSRTT, RESTYPE=DB is secured internally (SECBY=INTERNAL)
An IDMS Local mode batch job gets DB347012 even though the USER holds EXECUTE privilege on a CATEGORY that contains the relevant RUNUNIT resource definition. Why?
Release: IDADSO00100-18.5-ADS-for CA-IDMS
IDMS INTERNAL security check must access SYSUSER.DDLSEC and SYSTEM.DDLDML areas to do the lookup for the relevant USER, GROUP, RESOURCE and AUTHORITY records.
For Local Mode batch this means the DMCL used must contain the DSNAMEs for the relevant files for these areas OR the JCL must contain the relevant DD and DSN so these areas can be accessed to do the security lookup.
If it cannot access these areas to do the lookups, the Security check is considered failed.