Recently installed the new Vantage and I'm getting the following message when I try to execute a script

Ewsmsg08 access denied for object=dtoc4sys 

VKG0134I Access Denied for Object=DUPEDSNS

Vantage

In the past, we have seen the same problem if the user didn't have READ access to 

SYSSSM.FUNC.I.

" Vantage SRM allows you to define user access rules to the CA Vantage SRM objects themselves. CA Vantage SRM uses SAF to check for object access rules every time an end-user selects an object from one of the client interfaces, rejecting access whenever appropriate."

Here a link for the security team.

Security

'Grant Users Access to Objects' in the Reference Guide - Security .

Grant Users Access to Objects

When you activate the security support, Vantage can control who logs on, what objects they can access, and allow them to perform actions upon the objects while maintaining a secure environment. It does this by using the IBM SAF interface, upon which nearly all security systems are built, including CA ACF2, RACF, and CA Top Secret. If you do not activate the security support, anyone can logon, compromising security, but Vantage automatically limits the product to its viewing functions only, in such cases users cannot perform any actions on what they view.

When security support is activated, Vantage requires all users to provide their logon IDs and passwords at logon time, and immediately passes them to your security system. As usual, unknown users or invalid passwords cause your security system to reject the logon request.

In addition to this logon check, Vantage allows you to define user access rules to the Vantage objects themselves. Vantage uses SAF to check for object access rules every time an end user selects an object from one of the client interfaces, rejecting access whenever appropriate.

Do not activate support for security checking until you have defined the object access rules as described in the documentation.