?Who Has Access? with a logonid that has Security and Audit privileges receives ACF03011 error indicating not authorized.
search cancel

?Who Has Access? with a logonid that has Security and Audit privileges receives ACF03011 error indicating not authorized.

book

Article ID: 44642

calendar_today

Updated On:

Products

Data Content Discovery

Issue/Introduction

When I do a ‘Who Has Access’ with my logonid that has Security and Audit privileges I receive ACF03011 error indicating that I am not authorized, why?

 

 

Environment

Release:
Component: DCD

Resolution

Your CA Data Content Discovery Controller user ID requires the following resources 

to view who has access information: 

 DCD.SCAN.STATUS.OVERVIEW to log in and see status information

DCD.SCAN.STATUS.RESULTS to view reporting and scan results 

DCD.SCAN.STATUS.WHOHAS to view the who has access results 

The Who Has access results are based on your external security manager (ESM) as follows: 

CA ACF2: Results are limited by the authority that is granted to you by the ACCESS|NOACCESS 

field in the GSO OPTS record. Results reflect what CA ACF2 returns through the ACCESS subcommand.

 CA Top Secret: Results are limited by the authority that is granted to you for using the 

WHOHAS command. Results reflect what CA Top Secret returns through the WHOHAS command. In 

the results, each profile listing is expanded to show all ACIDs in the profile.

 IBM RACF: Results are limited by the authority that is granted to you to use the LISTDSD

command. In the results, each group listing is expanded to show all userids in the group.

 The DCDCONTL started task requires the following. 

CA ACF2: The DCDCONTL logonid requires AUDIT or SECURITY.

CA Top Secret: The DCDCONTL ACID requires TSS admin authority called ACID(INFO). 

IBM RACF: The DCDCONTL userid requires the AUDITOR attribute.