Security violations with CA OPS/MVS OPSBCPII commands
Article ID: 196916
Updated On:
Products
COMMON SERVICES FOR Z/OS
DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS
Common Services
LDAP SERVER FOR Z/OS
MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME
GRAPHICAL MANAGEMENT INTERFACE
Output Management Web Viewer
OPS/MVS Event Management & Automation
Issue/Introduction
While trying to shut down OPSBCPii, the STC acid got a security violation for OPERCMDS(OPSBCPII.STOP.SRV)
12:35:10 R2354 F OPSS,RESTART(HWS)
12:35:10 OPSMVS P OPSBCPII
12:35:10 OPSBCPII TSS7251E Access Denied to OPERCMDS <OPSBCPII.STOP.SRV>
12:35:10 OPSBCPII CASV0106W TSS7251E Access Denied to OPERCMDS <OPSBCPII.STOP.SRV>
Environment
Release : ANY
Component : CAMASTER/CA-SERV COMMON SERVICE
Cause
Required resources not defined and permitted
Resolution
Any product or component that is hosted in the CA Common Address Space Shell (CASERV) supports the following commands.
These commands support and control the hosted servers and the overall operation of the CASERV address space.
Using your enterprise security manager (ESM) product, allow the STC acid for the product/component the necessary access.
The following require CONTROL access except DISPLAY which requires READ.
jobname.ALLOCATE.SRV
jobname.ATTACH.SRV
jobname.CANCEL.SRV
jobname.CONCAT.SRV
jobname.CTRACE.SRV
jobname.DETACH.SRV
jobname.DISPLAY.SRV
jobname.DUMP.SRV
jobname.FREE.SRV
jobname.MSGTABLE.SRV
jobname.READCMDS.SRV
jobname.SET.SRV
jobname.SHUTDOWN.SRV
jobname.STOP.SRV
Feedback
Yes
No
Powered by
