Started task receives ACF2 mesage ACF01100 NOT AUTHORIZED FOR GROUP STCGROUP at startup
Article ID: 188599
Updated On:
Products
ACF2
ACF2 - DB2 Option
ACF2 - z/OS
ACF2 - MISC
WEB ADMINISTRATOR FOR TOP SECRET
Issue/Introduction
New started task ESMPROC (CCS USS task for Security Micro Service) is failing at startup with following error:
S ESMPROC
ACF01100 NOT AUTHORIZED FOR GROUP STCGROUP
Userid for task is defined as:
l esmserv
ESMSERV ESMSERV ESM MICROSERVICE
APPL(ESM) DEPT(MVS) DIV(OS) ORG(99)
PRIVILEGES STC
ACCESS ACC-CNT(0) ACC-DATE(00/00/00) ACC-TIME(00:00)
PASSWORD KERB-VIO(0) KERBCURV() PSWA1TOD(00/00/00-00:00) PSWA2TOD(00/00/00-00:00) PSWD-DAT(00/00/00) PSWD-INV(0)
PSWD-TOD(00/00/00-00:00) PSWDCVIO(0) PWP-DATE(00/00/00) PWP-VIO(0)
TSO DFT-PFX(ESMSERV)
STATISTICS CRE-TOD(01/12/20-14:48) SEC-VIO(0) UPD-TOD(02/03/20-10:25)
RESTRICTIONS GROUP(OMVSGRP) PREFIX(ESMSERV)
ACF
UID is in STC table:
sh stc
-- STARTED TASK TABLE --
STCID LOGONID GROUP
======== ======== =======
DFS***** DFS
ESMPROC ESMSERV STCGROUP
What is missing?
Environment
Release : 16.0
Component : CA ACF2 for z/OS
Resolution
1. The userid is not allowed access to group STCGROUP... Change the logonid to be in group STCGROUP instead of OMVSGRP
2) The STC record entry specifies GROUP(STCGROUP)... change the STC record to match the group in the logonid record GROUP(OMVSGRP)
3) If you want the logonid and STC records to remain asis.... Write a resource rule of TYPE(TGR) and KEY(STCGROUP) and give logonid ESMSERV access.
Any of these solutions will resolve the problem.
2) The STC record entry specifies GROUP(STCGROUP)... change the STC record to match the group in the logonid record GROUP(OMVSGRP)
3) If you want the logonid and STC records to remain asis.... Write a resource rule of TYPE(TGR) and KEY(STCGROUP) and give logonid ESMSERV access.
Any of these solutions will resolve the problem.
Feedback
Yes
No
Powered by
