search cancel

Why Getting *1C*-06 Violations With JESXCF After Upgrading to zOS 1.13?

book

Article ID: 19799

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

Description:

After upgrading to z/OS 1.13, violations in Job name JESXCF, Program IXZRCEC started to occur:


 	*1C*-06 Fac STC not authorized (user-acids).

This problem didn't exist before upgrading to zOS 1.13.

Solution:

Routine IXZIX00 issues RACINITs, then TSS checks which facility the RACINIT comes from.

If there is no FACILITY assigned to the started task address space, the facility used by TSS is STC Facility. Obviously the user acid, is not allowed to access to it, hence the DRC (detailed reason code) 006 is issued.

JESXCF should run under its own defined acid and have a FACILUTY assigned to it. This master facility should be defined similarly to JES2 with PGM=IXZ.

Then add it to *ALL* record. Afterward, you can check to narrow down who can access to it and add to a profile or a set of acids.

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component: