DC021102 SECURITY VIOLATION BY USER ACCESS TO RESOURCE DENIED.

search cancel

DC021102 SECURITY VIOLATION BY USER ACCESS TO RESOURCE DENIED.

book

Article ID: 397801

calendar_today

Updated On:

Products

IDMS IDMS - Database

Issue/Introduction

IDMS Signon is secured externally. User given correct access to the resource but signon fails with:

DC021102 SECURITY VIOLATION BY USER ***.
ACCESS TO RESOURCE userid DENIED.

The RHDCSRTT entry has:

         #SECRTT TYPE=ENTRY,                                           X
               RESTYPE=SGON,                                           X
               SECBY=EXTERNAL,                                         X
               EXTCLS='@IDMS',                                         X
               EXTNAME=(RESTYPE,RESNAME)

Environment

Release: 19.0

Resolution

In the @IDMS class definition in RACF, MAXLENGTH should be 44, not 246 as documented.

Define the class as follows:

SETROPTS CLASSACT(CDT)
RDEFINE CDT @IDMS UACC(NONE)
RALTER CDT @IDMS CDTINFO(DEFAULTUACC(NONE) FIRST(ALPHA) MAXLENGTH(44))
RALTER CDT @IDMS CDTINFO(OTHER(ALPHA,NUMERIC,NATIONAL,SPECIAL))
RALTER CDT @IDMS CDTINFO(DEFAULTRC(8) OPERATIONS(NO))
RALTER CDT @IDMS CDTINFO(PROFILESALLOWED(YES) GENERIC(ALLOWED) )
RALTER CDT @IDMS CDTINFO(POSIT(nnn) RACLIST(REQUIRED))
SETROPTS CLASSACT(CDT)
SETROPTS REFRESH RACLIST(CDT)
SETROPTS CLASSACT(@IDMS)
SETROPTS REFRESH RACLIST(@IDMS)
SETROPTS AUDIT(@IDMS)
SETROPTS GENERIC(@IDMS)

Where nnn is a posit number that does not conflict with an existing value.

Additional Information

See documentation section Defining External Signon Security and STIG ID - BIDMR006: Define the IDMS Resource Facility Class within RACF and article Securing IDMS externally via RACF.

Feedback

thumb_up Yes

thumb_down No