An add or change of a resource rule gets message ACF70041 SECOND LEVEL QUALIFER NOT ALLOWED WITHIN THIS RULESET. 

The message ACF70041 message indicates:

ACF70041  -  SECOND LEVEL QUALIFIER NOT ALLOWED WITHIN THIS RULESET
 
  Reason:
  A period (.) was found in the $KEY.  CA-ACF2 interprets this as a fully qualified resource name.
 
  Action:
  Specify a $KEY without a period.

A fully qualified resource rule is where the entire resource name is in the $KEY value. An extended resource rule is where the $KEY contains only the first level qualifier.

For example, for the following rule:

$KEY(MVS.SEND) TYPE(OPR)
 - UID(******JES2) ALLOW

This will get message ACF70041 because there are 2 qualifiers in the $KEY and the rule line has a "-".

Specifying additional qualifiers in rule line entries are only allowed in extended resource rules.

There are 2 options to resolve this:

1. Remove the "-" in the rule line to make this a fully qualified resource rule.

       $KEY(MVS.SEND) TYPE(OPR)
       UID(******JES2) ALLOW

   or, use masking $KEY(MVS.SEND.*************) to allow for multiple resource names.
   
   
2. Reduce the $KEY to just MVS (the first level qualifier) to make this an extended resource rule:

       $KEY(MVS.) TYPE(OPR)
       SEND UID(******JES2) ALLOW

If there are other applicable MVS rules, then it may be advantageous to use the extended resource rule format.
Example:

  $KEY(MVS) TYPE(OPR)
  SEND.- UID(******JES2) ALLOW
  CANCEL.- UID(******OPSUSR) ALLOW
  CANCEL.- UID(*) PREVENT

More details can be found in Resource Rule Control and Comment Statements.