An STC generates a validation call against R(TGR) with resource ********. Why is this validation occurring? What is ACFFFPNL in the RV report output?

Release : 16.0

Component : ACF2MS

When an init_usp request is issued to "signon" to omvs ACF2 will create a list of all the groups that a user is connected to and places that in a control block attached to the acee.

This is done by program ACFFFPNL which checks the users access to every resource rule that is written in type(TGR). If there is a rule with $KEY(*******) and the user has access, it will be added to the list of groups for this user. 

If the user has trace on the logonid, all access checks will be logged to SMF and reported with the requesting program name being ACFFFPNL.

If the user does not have trace, there are no loggings of the TGR validations.