Why Getting *1C*-06 Violations With JESXCF After Upgrading to zOS 1.13?

book

Article ID: 19799

calendar_today

Updated On:

Products

CA Cleanup CA Datacom - DB CA Datacom CA Datacom - AD CA Datacom - Server CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware CA Top Secret CA Top Secret - LDAP CA Top Secret - VSE

Issue/Introduction

Description:

After upgrading to z/OS 1.13, violations in Job name JESXCF, Program IXZRCEC started to occur:


 	*1C*-06 Fac STC not authorized (user-acids).

This problem didn't exist before upgrading to zOS 1.13.

Solution:

Routine IXZIX00 issues RACINITs, then TSS checks which facility the RACINIT comes from.

If there is no FACILITY assigned to the started task address space, the facility used by TSS is STC Facility. Obviously the user acid, is not allowed to access to it, hence the DRC (detailed reason code) 006 is issued.

JESXCF should run under its own defined acid and have a FACILUTY assigned to it. This master facility should be defined similarly to JES2 with PGM=IXZ.

Then add it to *ALL* record. Afterward, you can check to narrow down who can access to it and add to a profile or a set of acids.

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component: