CA Datacom MUF startup on a new LPAR using RACF gets error message:

DB00205E - MULTI-USER ERROR - 1058

Release : 15.1

Component : CA Datacom/AD

The documentation states that error code 1058 means:

level 05 security is not in place, yet a DG, DH, DP, or DQ table class was specified in the startup options, or, level 05  security is not in place and one or more DQ paths were coded on the startup with class codes not identical to their corresponding non-DQ paths.

This indicates that the correct security definitions have not been made in the external security system in this LPAR.

For level 5 security the following DT@YSTEM resources need to be defined in RACF:

ACTIVATE.LEVEL05.PASS with access READ for MUF user TMUF
ACTIVATE.LEVEL05.FAIL with access NONE for MUF user TMUF

First issue these commands to define and activate the class:

SETROPTS CLASSACT(DT@YSTEM)
SETROPTS GENERIC(DT@YSTEM)
RDEFINE DT@YSTEM ACTIVATE.LEVEL05.FAIL UACC(NONE)
RDEFINE DT@YSTEM ACTIVATE.LEVEL05.PASS UACC(NONE)

Then grant access to MUF userid:

PERMIT ACTIVATE.LEVEL05.FAIL CL(DT@YSTEM) ID(muf_userid) ACC(NONE)
PERMIT ACTIVATE.LEVEL05.PASS CL(DT@YSTEM) ID(muf_userid) ACC(READ)

In addition, the MUF STC userid must not be defined with the TRUSTED or PRIVILEGED attributes. These attributes can also cause this error.

Use the following command to check if the userid has these attributes:

RLIST STARTED muf_userid.* STDATA NORACF

To change it use these commands:

RALTER STARTED TMUF.* STDATA(USER(muf_userid) GROUP(STCGROUP) NOTRUSTED NOPRIVILEGED)
SETROPTS RACLIST(STARTED) REFRESH