As of release 2.4 of z/OS, IBM have made AllowUserKeyCSA(NO) compulsory.
The instructions for what needs to be done to IDMS to support this can be found at Storage Key Considerations for z/OS CSA Subpools.
This article contains a list of frequently ask questions on this topic.
Release : All supported releases.
Component : CA IDMS
1. What if there is more than one load library in STEPLIB ?
There is never any good reason to have more than one load library in the STEPLIB of a CV. For more information on that, see KD 140728: What must be in STEPLIB of an IDMS CV? However, if there is more that one load library in STEPLIB, they must all be authorized in order for the STEPLIB as a whole to be considered authorized.
2. Is the sysgen system statement clause ERUS FETCH PROTECT IS OFF (or ERUS_FETCH_PROTECT_OFF in SYSIDMS) necessary?
Almost certainly not. This is only necessary if you have user code in CICS accessing IDMS EREs. This is an unusual practice and very few clients do it. For more information, see KD 112619: The need for ERUS FETCH PROTECT IS OFF.
3. If this requires that a new KEY() value is set in the PPT entry, does CVKEY in the #SVCOPT also have to be changed?
Possibly. If CVKEY in #SVCOPT is not *, then it must be the same as the KEY() value set in the PPT entry.
See Generating the SVC and also point 3 in KD 117597: IDMS CV setup for ALLOWUSERKEYCSA(NO) clarification for more information.
4. Do these changes require that the CV be down?
The changes do not have to be made while the CV is down.
However, changes to the PPT entry will not take effect until the CV is cycled.
Furthermore, if the SVC has changed (see point 3 above), it must be reloaded with CAIRIM, and that must happen with all CVs down. See KD 13676: Which CVs need to be shut down when refreshing the SVC with CAIRIM? for more information.
5. Is it mandatory to use KEY(4)?
The KEY() must be a non-user key - between 1 and 7 inclusive. Broadcom strongly recommends using KEY(4).
6. Why is the PPT entry now required?
Without a PPT entry, the KEY() will default to 8.