Receiving the following ESM codes when upgrading some CICS CPSM regions to CTS 5.1 from CTS 3.2 .

+DFHUS0150 $CMPA  522                                                        
                                                                             
AN ATTEMPT TO ESTABLISH SECURITY HAS FAILED FOR USERID uuuuuuu IN           
GROUP , NO TERMINAL,  APPLID xxxxx. UNABLE TO INITIALIZE THE                 
TRANSACTION XLST. SAF CODES ARE (X'00000008',X'00000000'). ESM CODES         
ARE (X'0000001C',X'00000000').                                               
+EYUTS0001I $CMPA TOPOLOGY DISCONNECT FOR aaaaaaa INITIATED - APPLID(aaaaaaa
+EYUTS0003I $CMPA TOPOLOGY DISCONNECT FOR aaaaaaa COMPLETE - APPLID(aaaaaaa)

The Top Secret TSSUTIL report shows a 1C-06 FACILITY security violation for the userid (uuuuuuu).

Per IBM:

PM79281/UK94164 made a change as to how CICS handles a session signons. Many customers have been reporting the same to us after applying maintenance or upgrading releases. The same change was made to version 4 via PM67891/UK83851.The maintenance forces a signon of the user within the CICS, which didn't occur previously. After the maintenance, users will need to be authorized to the CICS FACILITY they are signing on to.

IBM now requires the user to have access to the CICS FACILITY.

TSS ADD(acid) FAC(facilityname) will authorize the user.

Please substitute 'acid' with the user's ACID and 'facilityname' with your CICS FACILITY name.