Security Read Access requirements for Autoproc with CA JCLCheck Workload Automation

book

Article ID: 51704

calendar_today

Updated On:

Products

CA JCLCheck Workload Automation

Issue/Introduction

When the CA JCLCheck WA "AUTOPROC" feature is enabled, a security call is made for each PROCLIB returned by JES. If READ access of a proclib fails, CA JCLCheck WA issues message "CAY6488W PROCLIB "data set name" NOT DEFINED. READ ACCESS DENIED BY SECURITY", and the proclib is omitted from allocation.



Environment

Release: 12.0
Component: CA JCLCheck Workload Automation

Resolution

CA JCLCheck WA must be given read-access authority to all input sources, including procedure libraries that are defined to the JES startup. If this is not feasible, and you do not want to see message CAY6488 issued, you may suppress it by applying usermod MZ2C023 from the CA JCLCheck WA hlq.CAZ2CJCL data set.

Also, to prevent the security message issued by the security application (ACF2, Top Secret, or RACF), use the following JCLCheck runtime option: SECURITY(NOPROG, NODASD, NOSTOR, NOMGMT, NOLOG). If the SECURITY option is already enabled, simply add "NOLOG" to the list of sub-options.