ICH408I for Tape Date Sets running IDCAMS REPRO MERGECAT
Article ID: 125500
Updated On:
Products
CA 1 Tape Management
CA 1 Tape Management - Copycat Utility
CA 1 Tape Management - Add-On Options
Issue/Introduction
IDCAMS REPRO MERGECAT fails with the following security violations for migrated data sets and for data sets on tape volumes:
ICH408I USER(userid ) GROUP(group ) NAME(user name )
HLQ.data.set.name CL(DATASET ) VOL(MIGRAT)
INSUFFICIENT ACCESS AUTHORITY
FROM HLQ.** (G)
ACCESS INTENT(ALTER ) ACCESS ALLOWED(READ )
ICH408I USER(userid ) GROUP(group ) NAME(user name )
HLQ.data.set.name CL(DATASET ) VOL(tape00)
INSUFFICIENT ACCESS AUTHORITY
FROM HLQ.** (G)
ACCESS INTENT(ALTER ) ACCESS ALLOWED(READ )
The Userid running MERGECAT has ALTER ACCESS to the Catalogs and READ ACCESS to the Data Sets being merged.
This works for Data Sets on DASD, but fails for Tape Data Sets or migrated Data Sets.
ICH408I USER(userid ) GROUP(group ) NAME(user name )
HLQ.data.set.name CL(DATASET ) VOL(MIGRAT)
INSUFFICIENT ACCESS AUTHORITY
FROM HLQ.** (G)
ACCESS INTENT(ALTER ) ACCESS ALLOWED(READ )
ICH408I USER(userid ) GROUP(group ) NAME(user name )
HLQ.data.set.name CL(DATASET ) VOL(tape00)
INSUFFICIENT ACCESS AUTHORITY
FROM HLQ.** (G)
ACCESS INTENT(ALTER ) ACCESS ALLOWED(READ )
The Userid running MERGECAT has ALTER ACCESS to the Catalogs and READ ACCESS to the Data Sets being merged.
This works for Data Sets on DASD, but fails for Tape Data Sets or migrated Data Sets.
Environment
Release:
Component: 1
Component: 1
Resolution
This problem is caused by the CA 1 Catalog Interface. It is addressed by CA Common Tape (CM-$F) Problem 298. APAR ST07062 is available and can be requested from Support. The published PTF will be available soon. Following details for APAR ST07062:
Title: CORRECT SECURITY CALL DURING A MERGECAT OPERATION
PROBLEM DESCRIPTION:
For CA 1 clients when OCEOV is set to YES and an attempt is made to perform
a REPRO MERGECAT operation, without access to the data set names being
merged, it will fail with a security violation.
SYMPTOMS:
A security-violation on an individual file will prevent the IDCAMS procedure
from ending correctly.
IMPACT:
Cannot perform the MERGECAT operation.
CIRCUMVENTION:
A circumvention would be to disable the CA 1 check at OPEN and enable the
same call from OPEN itself. This can be done by changing OCEOV to NO in the
TMOOPTxx member of CA 1 options and setting the TAPEAUTHDSN=YES option in
DEVSUPxx member of SYS1.PARMLIB instead.
Title: CORRECT SECURITY CALL DURING A MERGECAT OPERATION
PROBLEM DESCRIPTION:
For CA 1 clients when OCEOV is set to YES and an attempt is made to perform
a REPRO MERGECAT operation, without access to the data set names being
merged, it will fail with a security violation.
SYMPTOMS:
A security-violation on an individual file will prevent the IDCAMS procedure
from ending correctly.
IMPACT:
Cannot perform the MERGECAT operation.
CIRCUMVENTION:
A circumvention would be to disable the CA 1 check at OPEN and enable the
same call from OPEN itself. This can be done by changing OCEOV to NO in the
TMOOPTxx member of CA 1 options and setting the TAPEAUTHDSN=YES option in
DEVSUPxx member of SYS1.PARMLIB instead.
Feedback
Powered by
