ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Unknown Tape With TAPE() TSS Control Option set to DSN.

book

Article ID: 49392

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

Description:

What happens when TSS encounters an unknown tape?

Solution:

IMPORTANT: This article contains information about modifying the registry.
Before you modify the registry, make sure to create a back up of the registry and ensure that you understand how to restore the registry if a problem may occur.
For more information about how to back up, restore, and edit the registry, please review the relevant Microsoft Knowledge Base articles on support.microsoft.com.

CA Top Secret will perform data set name checking using the full data set name supplied on the DSNAME keyword of the JCL. If CA Top Secret cannot determine the DSNAME, such as when creating an NL tape from an SL tape, CA Top Secret supplies a data set name of:

  $$.UNKNOWN.TAPE.DSN

If you encounter a security violation for this dataset name, you will need to add a PERMIT for this data set name as follows:

  TSS PERMIT(ALL) DSNAME($$.UNKNOWN.TAPE.DSN)  ACCESS(ALL)

With control option TAPE(DSN) option, TSS looks for a dsn name. If not found, you will receive a dataset security violation for $$.UNKNOWN.TAPE.DSNfor with a Detailed Resason Code of 65 or DRC 65.

Remediation would be to:

  1. Set TAPE(OFF) and use the CA-1 interface. CA-1 as tape manager

  2. Or run with TAPE(DSN) and use a TSS PER(ALL) DSN($$.UNKNOWN.TAPE) ACCESS(ALL) ACTION(AUDIT)

A permit to VOLUME(Z(G)) ACCESS(ALL) would work as it should avoid dsn checking. Letter "Z" is an example of the first character of a volume.

The preferred method would be to set control option TAPE(OFF) and use CA-1 tape security or another tape management software solution, because TSS was not design to be a tape management product.

Environment

Release:
Component: AWAGNT