search cancel

Fix SO04936 and Hold Data

book

Article ID: 133807

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

Part of the  HOLDDATA for fix SO04936 states:

***NOTE***                                                       

If you are not using the Top Secret version of the JES NJE Health

Checker utility and apply this APAR, you will at minimum need to 

provide the following permits to the HZSPROC STC ID:             

                                                                 

    TSS PERMIT(hzs) IBMFAC(IRR.RADMIN) ACCESS(READ)              

    TSS PERMIT(hzs) DSN(SYS1.SAXREXEC) ACCESS(READ)              

                                                                 

Without these permits, HZSPROC will fail to start.               

We IPLled  two systems with the fix SO04936 Applied  and HZSPROC did not fail; it started successfully.  It does have READ Access to SYS1.SAXREXEC but NO permits to the IBMFAC(IRR.RADMIN) . Why did it start?

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

The permit to IBMFAC IRR.AADMIN is needed to execute commands with R_admin callable service. The doc is assuming if you are not running TSS NJE health, then you are running another version (home made) that is also using R_admin to execute TSS commands. If not running any TSS commands thhrough R_admin the permit is not needed.