ACF2 ACF04056 ACCESS TO RESOURCE mqqueue.resource.name TYPE RMQQ BY DFTCICSA NOT AUTHORIZED

book

Article ID: 209628

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - MISC CA ACF2 - z/OS

Issue/Introduction

An ACF2 access violation occurs for resource mqqueue.resource.name for the resource class MQQUEUE under the CICS non-terminal default logonid after upgrading the CICS region from CTS 5.3 to CTS 5.5. Before this upgrade, validations for MQQUEUE resources would use the user's logonid for security authentications. What has changed and how can the violation be addressed?

Resolution

Beginning with CICS TS 5.4, many new features were added and enhanced. One of these enhancements includes changes for MQ Series transactions and includes a new MQ resource, MQMONITOR.

MQ configuration changes will need to be made in MQ to revert to using the logonid that is associated with the transactions instead of the CICS non-terminal default logonid. No changes will need to be made in ACF2 as default MQ user ID user for the MQ CKTI transaction is controlled by the MQ MQCONN resource definition. IBM documentation outlines the changes in their CTS 5.4 doc under Upgrading CICS Regions 

A summary of the MQ configuration changes follows:

Steps to avoid a change in the user id that is associated with MQ transactions:
- Remove the INITQNAME from the MQCONN resource definition.
- Create an MQMONITOR resource with the following attributes:
      MONUSERID and USERID attributes set to the appropriate user IDs
      NAME to match the INITQNAME that was previously specified in the MQCONN resource definition

It is also possible to install a user-defined MQMONITOR resource with the name of DFHMQINI. This provides flexibility in setting the AUTOSTART, STATUS, MONUSERID and USERID attributes to user-defined values. For this option, the TRANSACTION attribute must be CKTI.

Additional Information

More information can be found in IBM documentation: What's new in CICS Transaction Server for z/OS 5.4