OPSPARM SEC failure - Not authorized to read value of SSMMONDISP
Article ID: 247925
Updated On: 10-01-2024
Products
Issue/Introduction
I migrated an OPS/MVS installation from another system and when attempting to go into SSM, I get the following message below. The system I migrated from has external security enabled in the Facility class for OP$MVS.* profiles in RACF.
I get the following error on the panel, but no message id and I can't find the message text in the any of online documentation manuals for OPS/MVS.
I don't see any RACF violation records so I am wondering if this is defined internally somewhere and not in the Facility class.
Environment
OPS/MVS
Cause
A possible cause of this issue is that TSO OPER authority was not granted to the user ID attempting to access the SSM panels.
Resolution
TSO OPER authority requirements are discussed here:
"In the absence of security rules or a customized OPUSEX security user exit, OPS/MVS requires that non-authorized attempts to access most of its operational features originate from an address space with a user ID that has TSO OPER authority."
Security solution commands for granting TSO OPER authority follow:
For RACF:
PERMIT OPER ACCESS(READ) CLASS(TSOAUTH) ID(user)
For CA Top Secret:
TSS PERMIT(userA) TSOAUTH(OPER)
For CA ACF2:
SET RESOURCE(SAF)
RECKEY OPER ADD( UID(UID string for USER1) SERVICE(READ))
Feedback
