CA7ONL fails with RC=15(139) after installing external security for Datacom
Article ID: 218516
Updated On:
Products
Issue/Introduction
After implementing Datacom external security, CA 7 fails at startup with the following message:
DUMP TITLE=CA 7 Unexpected Datacom Return Code
L2PDR01E DBTSK001 SCTNAME=SASSCHED
CMD=RDUKX RC=15(139) TBL=ZRO KEYN=ZROK1
Environment
Release : 12.0, 12.1
Component : CA-7
Cause
Security definitions not defined.
Resolution
The user id assigned to the CA 7 started task does not have the required access to the CA7ONL. This id need access to the following recourses. See sample security members from the CAL2OPTN data set (AL2RACFD, AL2ACF2D,AL2TSSD)
For RACF (AL2RACFD)
* [email protected] controls access to the Datacom tables used
* by CA 7 and SQL (see prodhlq.CAL2SQL). DB00002 and
* DB00015 contain Datacom data dictionary information.
* DB01000 is used by CA 7 to access Datacom system
* tables. PERMITs further down will allow access.
*
RDEFINE [email protected] cxxname.DB00002.* UACC(NONE)
RDEFINE [email protected] cxxname.DB00015.* UACC(NONE)
RDEFINE [email protected] cxxname.DB00770.* UACC(NONE)
RDEFINE [email protected] cxxname.DB01000.* UACC(NONE)
* Set CA 7's access
*
PERMIT cxxname.DB00770.* CLASS([email protected]) ID(CA7STC) ACC(ALTER)
PERMIT cxxname.DB01000.* CLASS([email protected]) ID(CA7STC) ACC(READ)
---------------------------------------------------
For Top Secret (AL2TSSD)
TSS PER(ca7xxx) DCTABLE(cxxname.DB00770.) ACCESS(ALL)
TSS PER(ca7xxx) DCTABLE(cxxname.DB01000.) ACCESS(READ)
----------------------------------------------------
For ACF2
SET RESOURCE(DCT)
RECKEY cxxname ADD(DB00770.- UID(ca7uid) SERVICE(READ,ADD,DELETE,UPDATE) ALLOW)
RECKEY cxxname ADD(DB01000.- UID(ca7uid) SERVICE(READ) ALLOW)
After security update has been completed, update the security changes to the CA7 Datacom MUF by issuing the modify command:
F ca7muf,SECURITY RESET
Feedback
