How to Implement External Security for Datacom - Troubleshooting?
search cancel

How to Implement External Security for Datacom - Troubleshooting?

book

Article ID: 51507

calendar_today

Updated On:

Products

Datacom DATACOM - AD Ideal CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC Easytrieve Report Generator for Common Services INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware

Issue/Introduction

Description:

This article is a summary of what to look for when the external security is not working as expected, and what type of information CA's technical support requires to resolve the problem(s).

Solution:

If you have an external security problem, first check for the informational DB00220I message at Multi-User Startup. If this message does not appear in the system messages at startup, external security is not in effect.


DB00220I EXTERNAL SECURITY ACTIVE FOR cxxname ON product WITH resource class

  • cxxname is the name of the CXX.

  • The product or feature displayed is one of the following:

    DATADICTIONARY
    DATAQUERY
    SQL
    VIEW
    XCF
    RAT CICS
    RAT CICS DQ
    RAT OTHER
    RAT OTHER DQ
    RAT SERVER
    SQL CICS
    SQL OTHER
    SQL OTHER DQ
    SQL CICS DQ
    SQL SERVER

  • The resource class is displayed for any of the SQL and RAT (record-at-a-time) paths that are secured and is one of the valid table resource classes as specified in the external security definition and the Multi-User startup options.

To support the new class-and-path definitions, error message DB00205E is issued. The format for this message is as follows: 

    DB00205E MULTI-USER ? ERROR - nnnn SUBID=x (SVC=yyy) (mufname) (groupname)

Explanation: An error occurred while initiating the Multi-User Facility in the SUBID x. If "MUFNAME=" has been specified in the DBSYSID macro of the DBSIDPR module, the "SUBID=" in the message text is replaced by "MUFNAME=".

When the ERROR is 1081, the message is followed by mufname groupname.

Where:

mufname Name of the Multi-User Facility for which the security check failed groupname Name of the group for which the security check failed

User Response: If nnnn is less than 100, see Chapter 8, "SVC Error Codes" on page 8-1 for a description of the problem and take the appropriate action. If nnnn is greater than 1000, see the error descriptions in the CA Datacom/DB Message Guide.

Information to Provide to Technical Support:

Be prepared to provide the following information to our Technical Support staff:

  1. What type of external security is supposed to be in effect?

  2. What resources have been defined in external security product?

  3. What are the messages received at Multi-User startup, specifically the DB00220I message and if any DB00205E messages?

  4. What does the Multi-User Startup Option SECURITY indicate?

  5. Is CAISSF installed?

  6. What is coded for the DBSIDPR CASEC= parameter?

  7. What is coded for the DBCVTPR USERID= parameter?

  8. If using external security to secure online access, review the requirements documented in the section on Enabling Online Signons in the CA Datacom Security Guide.

Environment

Release:
Component: DB
Powered by Wolken Software