"Environment not Defined" trying to add element in Endevor through Quick Edit
Article ID: 414587
Updated On:
Products
Issue/Introduction
Short message "Environment not defined" may arise in Quickedit when:
- Trying to create a new element via CREATE command
- Trying to display an element list with an explicit environment name entered in the panel
The ID of the message is ENDE004E. It may be displayed by the MSGID command while the message is being displayed in the panel.
The long form of the message (displayed by hitting F1) is "ENDE004E Environment is not defined or you are not authorized"
Cause
This message means that the environment name entered in the panel is not valid because:
- It is not defined in the C1DEFLTS table nor as a dynamic environment
- The environment exists but the user has not passed the security check to use it
Resolution
To check whether the environment is defined and whether the userid has permission to use it, take an Endevor options report together with an external security (ESI) trace as follows:
- Logoff and logon from TSO. This is not strictly required but will help to ensure that any output you find later in the JES2 queues belongs to the current session
- Issue command TSO ALLOC FI(EN$TROPT) SYSOUT(X) SPIN(NO)
- Issue command TSO ALLOC FI(EN$TRESI) SYSOUT(X)
- Get into Quickedit and get out
- Find the options report printed to ddname EN$TROPT among the JES2 outputs from your TSO session
- Find also the ESI trace printed to ddname EN$TRESI
The options report prints all the environments defined for the run. For example:
Endevor Site Options Settings
ENVIRONMENT DEFINITIONS - C1DEFLTS CREATED: 12/12/24 - 16.55
Env ------- Stage 1 ------- ------- Stage 2 ------- ---- Next ----
Name ID Name Entry Stage ID Name Entry Stage Env Stage
RWRK 1 RWRK1 Y 2 RWRK2 N WRK 2
WRK 1 WRK1 Y 2 WRK N DEV 1
DEV 1 UNITTEST Y 2 UTC N QA 2
QA 1 QAINT Y 2 QATURN N PRD 2
PRD 1 PRDFIX Y 2 PRD N
If the environment name requested in the panel DOES NOT show up in the report, that is the reason for the message. You need to either:
- Specify a valid environment name
- Ensure that you use the right C1DEFLTS table which defines the intended environment
The particular C1DEFLTS table used in the run may depend on:
- The library chain used in the run. Remember that C1DEFLTS loads from STEPLIB DD
- Whether you have an ENUXSITE exit instructing Endevor to load the defaults from a module other than C1DEFLTS. To check this point, see the module name in the above report.
- A particular case is our factory-default ENUXSITE exit, which will load module C1DEFLxx if ddname EN$DFTxx is allocated to the run, where 'xx' is any pair of characters, like 01, 02, TS...
If the environment name SHOWS UP in the report, then it must be a matter of security. You need therefore to check the ESI trace.
The security checks for the ENVIRONMENT_ACCESS point are performed during initialization so they show up at the beginning of the trace. This is a sample taken from our system:
ENCS101I Format=0001 Pass=0000 Auth=READ ACEE=00000000 ENDYNENC ENVPATH +000BB4
ENCS101I Class=DATASET Log=NONE Func=RETRIEVE
ENCS101I Scale=0....+....1....+....2....+....3....+....4....+....5....+....6
ENCS101I Entity=MF20.ENVIRON.RWRK
ENCS101I User <userid> access is allowed from SAF
ENCS101I RACROUTE RC=0000 RACHECK RC=0000 Reason=0000
In the trace entry, note:
- Format=0001 indicates the ENVIRONMENT_ACCESS check
- Auth= is the access level requested from RACF
- Class= is the resource class passed to RACF
- Entity= is the resource name passed to RACF
- The result of the check may be either "access is allowed" or "access is denied"
- The last line shows the return and reason codes returned by RACF. They give some clue when RACF fails the check
Feedback
