Our RACF security engineer has turned on RACF WARN mode for CA-View, and he's reporting that CA-View is not respecting the profiles in WARN mode.

Below is a screen print of what CA-View is doing, in returning a RC=-.20.0:

FUNC=CPLFBRS ACCESS=READ CLASS=CHA1VIEW ENTITY=VIEW.REPT.#DLYCAT

ICH408I USER(A032    ) GROUP(IT$SENG ) NAME( <name> )

  VIEW.REPT.#DLYCAT CL(CHA1VIEW)

  WARNING: INSUFFICIENT AUTHORITY - TEMPORARY ACCESS ALLOWED

  FROM VIEW.REPT.** (G)

  ACCESS INTENT(READ   )  ACCESS ALLOWED(NONE   )

FUNC=CPLFVACC ACCESS=READ CLASS=CHA1VIEW ENTITY=VIEW.VIEW.000.P.#DLYCAT

SARATH92  Authorization failed A032 under ISPF RC=0.20.0

SARATH92  CLASS=CHA1VIEW ENTITY=VIEW.VIEW.000.P.#DLYCAT

Release : 14.0

Component : View

It was found:

 . Removing STATUS=ACCESS will resolve the issue. 

 . That there was not a need to check for the highest access.  Just check for access and base findings in return code “0” for successful or “8” for failure. 

 . RACF will automatically take into account if the profile is in WARNING mode.