When using the z/OSMF Sysplex option the following error is found:

WARNING:Cannot get Connection information from system XXXX due to CEA error: Returncode:-1;Reasoncode:104992825

Release : 16.0

Component : Top Secret for z/OS

The Reason code 104992825 in hex is 6421039, where 1039 is a security error: APPLDATA is not defined.

Each security database REALM has its own unique APPLDATA profile, which is associated with the SAFDFLT profile. The same SAFDFLT APPLDATA value is used across all systems in the Sysplex.

The RACF member CEASEC contains the following:

//* Define the name using the SAFDFLT profile in the REALM class
//* Substitute an appropriate string for plexname.  If the
//* security database is shared,   plexname would be a good choice.
//* If the security database is only per system,  then system name
//* would be appropriate.  The APPLDATA string should be unique for
//* each security database.  They must be the same if the content is
//* intended to represent the same data.  (FRED = FRED).:
RDEFINE REALM SAFDFLT APPLDATA('<plexname OR other unique string>')

Top Secret has the default resource class RACREALM defined.

So, the SAFDFLT should be owned and permitted using the following commands:

TSS ADD(deptname) RACREALM(SAFDFLT)
TSS PER(ALL) RACREALM(SAFDFLT) APPLDATA(plexname)