Via Top Secret, we have given access CSFKEYS(CAOMPROD) to a user SARVTAM with encryption turned on.
However, we have seen today that it's produced a security violation despite having the appropriate access.
A View backup is trying to run, however it cannot because it doesn't believe it has the access.
Can you advise?
Our OPSLOG shows the following errors:
SARDRD SARVTAM SARBKT00 Standard backup cycle started for Gen 10351 on 17/08/22 at 13:00:00
SARDRD SARVTAM SARBKT61 Standard backup cycle starting phase 1
SARDRD SARVTAM SARICF06 Job/User CSFKEYS profile does not permit access to ICSF CAOMPROD keys - Service=CSNBKRR2
SARDRD SARVTAM CCSR010E SARSDAPI U0098 at 1D877184 LMOD SARTPO CSECT SARTPO +005184 SARDRD N/A SARDRD
SARDRD SARVTAM CCSR021I OWNER = CA VIEW R14.0
SARDRD SARVTAM CCSR022I MODULE = SARTPO FMID = CBRME00 RMID = CBRME00
SARDRD SARVTAM CCSR061I PSW: 00000000 00000000 078C1000 9D877184
SARDRD SARVTAM CCSR062I ILC: 02 INTERRUPT CODE: 0D
SARDRD SARVTAM CCSR067I COMPLETION CODE U0098 REASON CODE 00000000
SARDRD SARVTAM CCSR064I DATA AT PSW 1D87717E : 00181610 0A0D1FFF 58E0D004
SARDRD SARVTAM CCSR065I HOME = 00A2 PRIMARY = 00A2 SECONDARY = 00A2
SARDRD SARVTAM CCSR070I GR00 - GR01 00000000_C0000000 00000000_C0000062
SARDRD SARVTAM CCSR070I GR02 - GR03 00000000_00000000 00000000_00008D9C
SARDRD SARVTAM CCSR070I GR04 - GR05 00000000_1D8088EA 00000000_40000000
SARDRD SARVTAM CCSR070I GR06 - GR07 00000000_008D3FC8 00000000_00034310
SARDRD SARVTAM CCSR070I GR08 - GR09 00000000_00008C68 00000000_1D877230
SARDRD SARVTAM CCSR070I GR10 - GR11 00000000_000062E0 00000000_00033310
SARDRD SARVTAM CCSR070I GR12 - GR13 00000000_1D8770F8 00000000_1D8E2120
SARDRD SARVTAM CCSR070I GR14 - GR15 00000000_9D877174 00000000_00000000
SARDRD SARVTAM CCSR071I AR00 - AR03 00000000 00000000 00000000 00000000
SARDRD SARVTAM CCSR071I AR04 - AR07 00000000 00000000 00000000 00000000
SARDRD SARVTAM CCSR071I AR08 - AR11 00000000 00000000 00000000 00000000
SARDRD SARVTAM CCSR071I AR12 - AR15 00000000 00000000 00000000 00000000
SARDRD SARVTAM CCSR080I SARSDAPI DUMP IN PROGRESS
SARDRD SARVTAM CCSR081I SARSDAPI DUMP COMPLETED
Release : 14.0
Component : View
To determine which reports have been encrypted in a View database:
. Run SARDBASE IDXOUT on the database and browse the output.
. Look for those records that contain a report name in column 1.
. Towards the end of the report record, there will be a field starting with x'A8':
. . x'A80C01' indicates the report is encrypted using clear keys.
. . x'A80C04' indicates the report is encrypted using secure keys.
At the time of the problem View was starting a backup cycle and was trying to access the ICSF keys but did not have the necessary permissions for access.
At this time a SARSTC task recycle would be needed, for any changes in encryption.