After applying Datacom PTF LU04806, Datacom Server failed with this error message:
DSV00155E-LOGON=NO not permitted with secured MUF. Datacom Server terminating.
Datacom Server startup options specifies LOGON=NO
This new feature was introduced by PTF LU04086 to fix a vulnerability in Server. It is documented in the New Features for Datacom Server:
Datacom Server Using LOGON=NO with Secured MUF (PTF LU04086) z/OS
This PTF addresses the behavior of Datacom Server started with LOGON=NO and connected to an externally secured Datacom Multi-User Facility (MUF). When a Datacom Server using input parameter LOGON=NO is is connected to a secured MUF and neither SECEXIT nor CONEXIT is specified, then Datacom Server is terminated with the message DSV00155E.
A new message for this option is:
DSV00155E - LOGON=NO not permitted with secured MUF. Datacom Server terminating
When MUF security is enabled this message will be issued at MUF startup:
DB00231I - EXTERNAL SECURITY LEVEL 03 ACTIVE
DB00220I - EXTERNAL SECURITY ACTIVE FOR MUFXX ON SQL SERVER WITH DRTABLE
When the MUF is secured the DSV00155E error is expected with LU04086 applied. It is working as designed.
Release : 15.1
Component : DATACOM SERVER
To resolve this error when MUF external security is enabled you have 2 options:
See documentation section Startup Options
LOGON=
(Optional) Specifies whether the Mainframe Server attempts to do an external security logon to validate each user.
If LOGON=YES, each user must be authorized to access data through MUF external security.
If LOGON=NO, user IDs are not validated through external security nor passed.
If LOGON=NO is connected to an externally secured MUF and no SECEXIT or CONEXIT is specified, Datacom Server is terminated.
Note: If LOGON=YES, the SVDBSPR module must reside in an authorized library.
Valid Entries: NO or YES
Default: YESCONEXIT=
(Optional) Specifies a user-coded connection exit to replace the security that Datacom Server provides through external security. CONEXIT is called before the call to the external security interface. A sample connection exit, SVCXTPR, is provided.
Valid Entries: A valid connection exit program
Default: No default (spaces)