Our RACF security engineer has turned on RACF WARN mode for CA-View, and he's reporting that CA-View is not respecting the profiles in WARN mode.
Below is a screen print of what CA-View is doing, in returning a RC=-.20.0:
FUNC=CPLFBRS ACCESS=READ CLASS=CHA1VIEW ENTITY=VIEW.REPT.#DLYCAT
ICH408I USER(A032 ) GROUP(IT$SENG ) NAME(BURK, DANIEL )
WARNING: INSUFFICIENT AUTHORITY - TEMPORARY ACCESS ALLOWED
FROM VIEW.REPT.** (G)
ACCESS INTENT(READ ) ACCESS ALLOWED(NONE )
FUNC=CPLFVACC ACCESS=READ CLASS=CHA1VIEW ENTITY=VIEW.VIEW.000.P.#DLYCAT
SARATH92 Authorization failed A032 under ISPF RC=0.20.0
SARATH92 CLASS=CHA1VIEW ENTITY=VIEW.VIEW.000.P.#DLYCAT
Release : 14.0
Component : View
It was found:
. Removing STATUS=ACCESS will resolve the issue.
. That there was not a need to check for the highest access. Just check for access and base findings in return code “0” for successful or “8” for failure.
. RACF will automatically take into account if the profile is in WARNING mode.