search cancel

TSS0473E error when permitting a resource or Profile

book

Article ID: 133019

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

TSS PER( ) DSN(ABC) 
TSS0473E  MAX SIZE OF SECREC HAS BEEN EXCEEDED
TSS0301I  PERMIT   FUNCTION FAILED, RETURN CODE =  8

                                      



Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

1. Increase the max acid size allowed,  in TSS r16.0 up to 1024K if not there already

2. UNDERCUT resources owned by the full Dept acid to other Dept acid

   There are no Pointer problems with UNDERCUT command    

Reason:
The ownership keywords and permissions associated with this ACID have exceeded the 
capacity of CA Top Secret to absorb additional security specifications from your latest 
command.


Action:
If this is a hierarchy ACID (for example, DEPARTMENT, DIVISION, or ZONE), you may 
need to provide an additional hierarchy ACID at the same level to accommodate new 
ownerships. However, you may also find that you can reduce the number of ownerships 
required by owning a higher level prefix instead of owning many individual resources or 
lower-level multiply qualified resource prefixes.


If this is a PROFILE ACID, consider granting permission at a lower-level prefix instead of 
using multiple lower-level permissions. You may also decide to split this profile into 
more carefully tailored and individualized profiles of more manageable size.


If this is a USER ACID, consider the possibility of granting permissions to individual 
PROFILE ACIDs instead of to individual users. PROFILE ACIDs are cached in central shared 
storage, and will reduce system overhead by reducing security file I/O requests. 
Individual ACID permissions and keywords should be used to override information 
stored in more general profiles shared by large numbers of users.