We setup a PROGRAM restriction on a logonid that is used for our scheduler and now jobs are failing with message ACF01009 LOGONID NOT VALID FOR SUBMISSION BY PROGRAM - pgm. Why?

The PROGRAM field of the logonid record is used in conjunction with the RESTRICT privilege to provide a program restriction for use of a logonid that does not require a password(RESTRICT). In other words, in order to use a logonid with the RESTRICT privilege the specified program must be used to submit the job. If a different program is used the message "ACF01009 LOGONID NOT VALID FOR SUBMISSION BY PROGRAM - pgm." will occur. This message is an indication that the program (pgm) that did the submit of the logonid with the RESTRICT privilege does not match the explicit program name or program name mask specified in that logonid record.

Ensure that the logonid record used for this job has the correct submitting program name specified in the PROGRAM (or PGM) field.

Sample logonid with RESTRICT and PROGRAM(TESTPGM) specified:

ACF 
INSERT SAMPLE1 NAME(SAMPLE RESTRICT LID) RESTRICT PROGRAM(TESTPGM)
 SAMPLE1                   SAMPLE1             SAMPLE RESTRICT LID
                      %ETRUST() COMPANY() DEPT() IDNUM() LEVEL() LOCATION()
                      POSITION() PROJECTX() PRV-TOD5(00/00/00-00:00)
                      PRV-TOD6(00/00/00-00:00) PRV-TOD7(00/00/00-00:00)
                      PRV-TOD8(00/00/00-00:00) SITE()
 PRIVILEGES           PROGRAM(TESTPGM) RESTRICT
 ACCESS               ACC-CNT(0) ACC-DATE(00/00/00) ACC-TIME(00:00)
 PASSWORD             KERB-VIO(0) KERBCURV() PSWD-DAT(00/00/00) PSWD-INV(0)
                      PSWD-TOD(00/00/00-00:00) PSWD-VIO(0) PSWDCVIO(0)
                      PWP-DATE(00/00/00) PWP-VIO(0)
 TSO                  DFT-PFX(SAMPLE1)
 STATISTICS           CRE-TOD(10/24/08-14:14) SEC-VIO(0)
                      UPD-TOD(10/24/08-14:14)
 RESTRICTIONS         PREFIX(SAMPLE1)

The PROGRAM (or PGM) field specifies a 1 - 8 eight character program name or a mask. The specified program must be used to submit jobs for this logonid. If the logonid also has SUBAUTH, this program must be APF-authorized. The PROGRAM field can be masked. Proper use of these two different symbols can be used: the asterisk (*) and the (-). A mask can specify a dash to represent all/any programs that begin with the specified characters that proceed the dash or all programs if the dash is used alone. If one or more asterisk (*) mask symbol(s) occur at the beginning of, between the characters, or at the end of the PROGRAM mask each asterisk matches exactly one character.

When using a masked PROGRAM field note that trailing blanks after the masking field "-" up to a total of 8 will be included causing potential problems that could yield the ACF01009 message.

For example:

INSERT SAMPLE1 NAME(SAMPLE RESTRICT LID) RESTRICT PROGRAM(TEST-)

is not equivalent to:

INSERT SAMPLE1 NAME(SAMPLE RESTRICT LID) RESTRICT PROGRAM(TEST- )

In the above examples, the first example PROGRAM(TEST-) will match program TESTPGM however the second example PROGRAM(TEST- ) will not, because in this case the "-" is treated as a literal "-" instead of representing a mask.