Security violations with CA OPS/MVS OPSBCPII commands

book

Article ID: 196916

calendar_today

Updated On:

Products

CA Common Services for z/OS CA Database Management Solutions for DB2 for z/OS CA Common Services CA LDAP Server for z/OS CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Output Management Web Viewer CA OPS/MVS Event Management & Automation

Issue/Introduction

While trying to shut down OPSBCPii, the STC acid got a security violation for OPERCMDS(OPSBCPII.STOP.SRV)

12:35:10 R2354    F OPSS,RESTART(HWS)
12:35:10 OPSMVS   P  OPSBCPII
12:35:10 OPSBCPII TSS7251E Access Denied to OPERCMDS <OPSBCPII.STOP.SRV>
12:35:10 OPSBCPII CASV0106W TSS7251E Access Denied to OPERCMDS <OPSBCPII.STOP.SRV>

 

Cause

Required resources not defined and permitted

Environment

Release : ANY

Component : CAMASTER/CA-SERV COMMON SERVICE

Resolution

Any product or component that is hosted in the CA Common Address Space Shell (CASERV) supports the following commands.

These commands support and control the hosted servers and the overall operation of the CASERV address space.

Using your enterprise security manager (ESM) product, allow the STC acid for the product/component the necessary access.

The following require CONTROL access except DISPLAY which requires READ.

jobname.ALLOCATE.SRV
jobname.ATTACH.SRV
jobname.CANCEL.SRV
jobname.CONCAT.SRV
jobname.CTRACE.SRV
jobname.DETACH.SRV
jobname.DISPLAY.SRV
jobname.DUMP.SRV
jobname.FREE.SRV
jobname.MSGTABLE.SRV
jobname.READCMDS.SRV
jobname.SET.SRV
jobname.SHUTDOWN.SRV
jobname.STOP.SRV