Using CSM to install a product, the following error occurs: CSI is not accessible for userID to ALTER

book

Article ID: 130153

calendar_today

Updated On:

Products

CA Mainframe Software Manager (Chorus Software Manager)

Issue/Introduction

Attempting to install CA Auditor r12.1 using CA CSM r6.0 encounters failure when selecting the dataset name prefix for the CSI, and other SMP/E datasets.  After clicking next, the error messages:

Error: highlevel.CSI is not accessible for (myID) to ALTER. Security rules prevent (myID) ALTER access to SMPHOLD, SMPPTS, SMPLTS, SMPMTS, SMPSCDS, and SMPSTS.

ACF/2 is the External Security Manager, and (myID) does have ALLOC and ALTER access to those datasets, What could be the cause of this error? 

Cause

This is a bug in CSM..
 

Environment

CSM 6.0 Build 142

Resolution

Build 143 (ptf RO95339) resolves this condition.
 

Additional Information

Here is information as documented in RO95338:

CSI DATASET NOT ACCESSIBLE IN BASE INSTALL WIZARD                            
                                                                             
PROBLEM DESCRIPTION:                                                         
An error that *.CSI data set is not accessible for user to ALTER appears in  
the SMP/E Environment Setup step of the Base Installation wizard. This can   
happen for customer having non-SMS managed environment and use the data set  
parameters VOLSER and Unit instead of SMS parameters.                        
This data set name is then passed to the RACROUTE macro which verifies       
required access level for the user. The volser value is not used in the      
security check which results in no access response from security product.    
                                                                             
SYMPTOMS:                                                                    
1. Error message in the Base Installation wizard -                           
   "Error:SOME.DATASET.CSI is not accessible for USERID to ALTER."           
2. When MVSUTIL_LOGLEVEL set to trace, this message appears in the STDMSG:   
   "(mvsutil/security.c:169): secur_dataset_access: secur_dataset_max_access
    (dsn=SOME.DATASET.CSI, volser=, DSTYPE_NONVSAM, loglevel=2) = 0;
    racf_rc=0x14; reason_code=0x0"                                                               
   Reason code 0x0 means no access.                                             
   For other SMP/E environment data sets, the volser parameter in above message 
   is filled in correctly and the reason_code has value 0x10. Which means ALTER
   authority.