$HASP690 SOURCE OF COMMAND HAS IMPROPER AUTHORITY With $P O J'xxx' And Top Secret

book

Article ID: 220334

calendar_today

Updated On:

Products

CA Top Secret

Issue/Introduction

When the following command is issued:

$P O J'xxxxxx'

it results in the following error:

$HASP690 COMMAND REJECTED - SOURCE OF COMMAND HAS IMPROPER AUTHORITY

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

The security trace shows a check for OPERCMDS(JES2.STOP.BATOUT) with SRC/DRC 0400, which makes SDSF honor ISFPARMS or the SDSF user exit, effectively enforcing SDSF security checking as intended. The trace also shows the first OPERCMDS permit in the ALL record is what is causing the 0400. Most likely, the following permit is in the ALL record:

XA OPERCMDS= JES2.
   ACCESS  = ALL  
   ACTION  = PASSWORD

If that is the case, there are 2 options:
1) Authorize the user to OPERCMDS(JES2.STOP.BATOUT) in Top Secret:

TSS PER(acid) OPERCMDS(JES2.STOP.BATOUT) ACCESS(UPDATE)
TSS REFRESH(acid) JOBNAME(*)

2) Authorize the user to OPERCMDS(JES2.STOP.BATOUT) in ISFPARMS.