search cancel

ACF2 Access Violation for DASDVOL Resource Class

book

Article ID: 215321

calendar_today

Updated On:

Products

ACF2 ACF2 - MISC ACF2 - z/OS

Issue/Introduction

After creating a SAFDEF for the DASDVOL class type, the correct SAFDEF is being picked up but access is being denied. There are no violations in the ACFRPTRV report. How can access be granted to DASDVOL class resources?

Resolution

If the resource class is DATASET, DASDVOL, or TAPEVOL, CA ACF2 uses data set access rules to validate access. Access rules for these resources will need to be written into the DATASET database. The ACFRPTDS report (sample JCL below) can report on access violations for these classes since the ACFRPTRV report will only show violations against the INFOSTG database. If violations are still not showing up in the DS report, turn the TRACE bit on for the logonid receiving the violations and re-create the violation before running the DS report. Sample TSO ACF2 commands for turning the TRACE bit on and off are listed below.

To turn on the TRACE bit:
CHANGE logonid TRACE

To turn off the TRACE bit:
CHANGE logonid NOTRACE

Sample DS report JCL:
//REPORT  EXEC PGM=ACFRPTDS                        
//SYSPRINT DD SYSOUT=*                             
//HEXDUMP  DD SYSOUT=*                             
//* RECMAN1  DD DSN=IFASMF.STREAM,DISP=SHR,   
//*             SUBSYS=(LOGR,IFASEXIT)             
//RECMAN1  DD DISP=SHR,DSN=SYS1.MAN1               
//RECMAN2  DD DISP=SHR,DSN=SYS1.MAN2               
//RECMAN3  DD DISP=SHR,DSN=SYS1.MAN3               
//SYSIN    DD *                                    
TITLE(ACFRPTDS Report)