Issuing a GETATTR or other command from a OPS/REXX program to HISRV results in one or more of these messages:
OPS3092T OI HMCGETAT
OPS0349T ADDRESSHWS - DIRECT ENTITY CONNECTION FAILED. HiSrv RC: 12 ; RSC: X'530001C4'
OPS0349T ADDRESSHWS - HiSrv SECURITY AUTHORIZATION ERROR - No access to entity.
OPS3092T HWS error : ADDRESSHWS - NONZERO RETURN CODE: - RC 12 ; RSC X'01C40034'
These messages indicate that a CONNECT ENTITY API request was made but the user under which the request was made does not have access to the entity.
So adding READ access to the ENTITY.* profile for the user making the GETATTR call to HISRV will resolve the problem.
The user ID in question is generally OPSOSF.
If your OPS/REXX code, that is currently using the ADDRESS HWS host command environment, runs under a CA OPS/MVS OSF Server then the value of the OSFSECURITY parameter is used. This is to determine if security checking will take place or not. Most sites use the value CHECKUSERID. Just be aware that a check for the USER.AUTH resource will be done for either the user ID specified in the OSFPRODUCT parameter or the TSO ID of the issuer. And it will also depend on how the work is sent to the OSF Server for execution. This is fully documented in the CA OPS/MVS Parameter Reference manual.
The CA Common Services Installation Guide documents the HISRV security requirements. The entity resources used by HISRV are described in the section titled ‘Authorize Users for Entities.’ It describes the profiles used and gives examples for RACF, ACF2 and Top Secret.
You may also want to refer to related document TEC1060259
Release: PVLA2.00200-12.2-OPS/MVS-Event Management & Automation-for JES2