Resolving a security violations for CASFSERV(CSFDSG) for LDAP started task.

LDAP receives a:
TSS7251E Access Denied to CSFSERV <CSFDSG>

Please let me know why LDAP is asking for this function and throwing this message.

The LDAP started task acid was receiving security violations for CSFSERV(CSFDSG) which was valid because there was no PERMIT for it on the acid.
Once you PERMITted the acid, the security violations went away.

According to the IBM documentation:

CSFSERV(CSFDSG) authority is required for:
1. RSA Digital Signature Generation
2. ECC Digital Signature Generation

Since LDAP uses these services, the PERMITs for CSFSERV(CSFDSG) need to be given the to LDAP started task.

TSS PER(caldapstartedtaskacid)  CASFSERV(CSFDSG) ACC(ALL(

will resolve the security violation.