ACF2 Or Top Secret - At IPL Getting CAS2030E CA SAF interface initialization -- load failed for module CSNBSYE

book

Article ID: 206853

calendar_today

Updated On:

Products

CA ACF2 - z/OS CA ACF2 - MISC CA Top Secret

Issue/Introduction

While testing a z/OS 2.4 upgrade, getting message:
         CAS2030E CA SAF interface initialization -- load failed for module CSNBSYE
... during the IPL.

Successfully upgraded three other ACF2 LPars using the same ACF2 service level without any issues.

Additionally, the following message was also observed. 
         $HASP875 CSNEKRR2 - module could not be loaded - RC=02

Both of these modules are from ICSF, IBM hardware encryption, which has NOT been enabled.
It would appear something telling SAF or ACF2 that ICSF is enabled but that is not the case.

The same CAS2030E CA SAF interface initialization -- load failed for module CSNBSYE message has been seen with Top Secret as well.

Environment

Release : 16.0
Component : CA ACF2 for z/OS

Resolution

When IPLing z/OS V2R4, JES2 may fail to initialize if the ICSF module CSNEKRR2 is not part of the LNKLST. This module is mistakenly considered a requirement of JES2 V2R4.
Reference : OA58757: "$HASP430 INCOMPATIBLE SUBSYSTEM INTERFACE -- RC=08" WHEN STARTING JES2 AT V2R4

 ICSF library CSF.SCSFMOD0 is not installed or is not in LNKLST concatenation
 IBM recommendation : BYPASS/CIRCUMVENTION:
 To bypass, add the SCSFMOD0 to the LNKLST concatenation so that CSNEKRR2 can be located.
 Note: You may have to either remove SCSFSTUB from LNKLST or APF authorize it and re-IPL. 


IBM was consulted, having SCSFSTUB ship with a LNKLST entry but no APFLST entry causes problems, particularly for those shops that run with LNKAUTH=APFTAB.

However, using LNKAUTH=LNKLST will eliminate this problem.
OR
SCSFMOD0 and SCSFSTUB should be APF authorized.