Via Top Secret, we have given access CSFKEYS(CAOMPROD) to a user SARVTAM with encryption turned on.

However, we have seen today that it's produced a security violation despite having the appropriate access.

A View backup is trying to run, however it cannot because it doesn't believe it has the access.

Can you advise?

Our OPSLOG shows the following errors:

SARDRD SARVTAM  SARBKT00  Standard backup cycle started for Gen 10351 on 17/08/22 at 13:00:00                     
SARDRD SARVTAM  SARBKT61  Standard backup cycle starting phase 1                                                  
SARDRD SARVTAM  SARICF06 Job/User CSFKEYS profile does not permit access to ICSF CAOMPROD keys - Service=CSNBKRR2 
SARDRD SARVTAM  CCSR010E SARSDAPI U0098 at 1D877184 LMOD SARTPO CSECT SARTPO +005184 SARDRD N/A SARDRD            
SARDRD SARVTAM  CCSR021I OWNER = CA VIEW R14.0                                                                    
SARDRD SARVTAM  CCSR022I MODULE = SARTPO FMID = CBRME00 RMID = CBRME00                                            
SARDRD SARVTAM  CCSR061I PSW: 00000000 00000000 078C1000 9D877184                                                 
SARDRD SARVTAM  CCSR062I ILC: 02 INTERRUPT CODE: 0D                                                               
SARDRD SARVTAM  CCSR067I COMPLETION CODE U0098 REASON CODE 00000000                                               
SARDRD SARVTAM  CCSR064I DATA AT PSW 1D87717E : 00181610 0A0D1FFF 58E0D004                                        
SARDRD SARVTAM  CCSR065I HOME = 00A2  PRIMARY = 00A2  SECONDARY = 00A2                                            
SARDRD SARVTAM  CCSR070I GR00 - GR01  00000000_C0000000 00000000_C0000062                                         
SARDRD SARVTAM  CCSR070I GR02 - GR03  00000000_00000000 00000000_00008D9C                                         
SARDRD SARVTAM  CCSR070I GR04 - GR05  00000000_1D8088EA 00000000_40000000                                         
SARDRD SARVTAM  CCSR070I GR06 - GR07  00000000_008D3FC8 00000000_00034310                                         
SARDRD SARVTAM  CCSR070I GR08 - GR09  00000000_00008C68 00000000_1D877230                                         
SARDRD SARVTAM  CCSR070I GR10 - GR11  00000000_000062E0 00000000_00033310                                         
SARDRD SARVTAM  CCSR070I GR12 - GR13  00000000_1D8770F8 00000000_1D8E2120                                         
SARDRD SARVTAM  CCSR070I GR14 - GR15  00000000_9D877174 00000000_00000000                                         
SARDRD SARVTAM  CCSR071I AR00 - AR03  00000000 00000000 00000000 00000000                                         
SARDRD SARVTAM  CCSR071I AR04 - AR07  00000000 00000000 00000000 00000000                                         
SARDRD SARVTAM  CCSR071I AR08 - AR11  00000000 00000000 00000000 00000000                                         
SARDRD SARVTAM  CCSR071I AR12 - AR15  00000000 00000000 00000000 00000000                                         
SARDRD SARVTAM  CCSR080I SARSDAPI DUMP IN PROGRESS                                                                
SARDRD SARVTAM  CCSR081I SARSDAPI DUMP COMPLETED

Release : 14.0

Component : View

To determine which reports have been encrypted in a View database:

 . Run SARDBASE IDXOUT on the database and browse the output.

 . Look for those records that contain a report name in column 1.
 
 . Towards the end of the report record, there will be a field starting with x'A8':

 . . x'A80C01' indicates the report is encrypted using clear keys. 

 . . x'A80C04' indicates the report is encrypted using secure keys.

At the time of the problem View was starting a backup cycle and was trying to access the ICSF keys but did not have the necessary permissions for access. 

At this time a SARSTC task recycle would be needed, for any changes in encryption.