Define Security for jobs submitted from the SAMS address space
search cancel

Define Security for jobs submitted from the SAMS address space

book

Article ID: 16410

calendar_today

Updated On:

Products

Vantage Storage Resource Manager

Issue/Introduction

If security is not properly defined, an error message like, "LOGONID NOT VALID FOR SUBMISSION BY PROGRAM - ..." will be displayed.

How can I define security for jobs submitted from the SAMS address space?

Environment

Vantage

Resolution

The program submitting the job is not "SAM" and there is a difference which subsystem is submitting.
  
The following table is valid in the case of this error message:
LOGONID NOT VALID FOR SUBMISSION BY PROGRAM - OBJECTSV
 
This means that the GOA submitting the job and the Program that needs the security profile defined is ENINTRD.  In the case of PC Windows Client or for 3270 Scripts the program is GENINTRD.
  
Mother......INTRDR
TCB..........Program......Functions that Submit
--------------------------------------------------
EWSAPPL...GENINTRD PC Windows Client and GMI
SSM3LU2...GENINTRD View/3270 Client and GMI
OBJECTSV..ENINTRD  General Object Automation (GOA)
SBTSUB....GENINTRD Script Layer, DSGroup Threshold, EOJ Service
TSCHEDS...GENINTRD Scheduled Vol Defrags and Vol/StgGroup
  
The table and more info is available here:

Perform Initial Startup


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The topic: Security - Maintaining Security when Automation Submits Jobs, is important in this case.
RACF and TOP secret have different behavior.
  
With RACF and CA TopSecret, the adding of LOGONID is automatically done to the job when the job is submitted.
(The logon ID and password associated with the CA Vantage started task.) 
 
CA ACF2 has a different behaviour.  ACF2 is not adding LOGONID to job.
Instead, a special logon ID should be created for these submitted jobs.
The model JCL references it in either a //*LOGONID logon ID statement or the USER=logon ID parameter of the JOB statement.
 
This is why the problem "ACF01009 LOGONID" occurs submitting the job even though the program is defined in security.
Top secret and RACF do this automatically. 
 
All is described here in section Security - Maintaining Security when Automation Submits Jobs:

Security Services

 

Powered by Wolken Software