How to resolve ACF00042 ACMCB/ACUCB NOT ALLOWED - INVALID AUTHORITY while running ACFMERGE utility batch job?
search cancel

How to resolve ACF00042 ACMCB/ACUCB NOT ALLOWED - INVALID AUTHORITY while running ACFMERGE utility batch job?

book

Article ID: 5807

calendar_today

Updated On:

Products

ACF2 ACF2 - z/OS ACF2 - MISC

Issue/Introduction

Running the ACFMERGE utility batch job and getting message ACF00042 ACMCB/ACUCB NOT ALLOWED - INVALID AUTHORITY.

The userid was added MUSASS and MUSUPDT, then ran ACFMERGE that resulted in following message.

ACF02031 NOT AUTHORIZED TO USE CONDITIONAL BYPASS PROCESSING

Environment

CA ACF2 for z/OS release 15 and 16.

Cause

ACF00042 message reason: The request the CA ACF2 SVC-A routines processed specifies a user control block (ACUCB or ACMCB), but the requestor lacks the proper authority. This type of request requires APF authorization or the CA ACF2 MUSASS attribute.

ACF02031 message reason: A non-APF-authorized caller issued an SVC-A ACALT request and asked for the conditional bypassing of processing routines by setting the ACACNTL/ACACBPRC flag in the ACALT parameter list.

 

Resolution

This macro requires not only Library APF authorization, but also SETCODE AC(1). If you browse the library, there is a column for the AC value. It will be either 00 or 01. Programs with value of 00 means the program is not authorized, and a value of 01 means it is authorized.

 ACFMERGE needs to be 01. Here is a relink JCL example: 

//jobname  EXEC PGM=IEWL, 
//      PARM='LIST,MAP,XREF,AMODE=31,REUS(RENT),RMODE=ANY' 
//SYSLIB DD DISP=SHR,DSN=SCEELKEX 
//           DD DISP=SHR,DSN=SCEELKED 
//           DD DISP=SHR,DSN=CSSLIB 
//SYSLMOD DD DISP=SHR,DSN=CAI.CAX1LINK 
//SYSDEFSD DD DUMMY 
//AAX1MOD0 DD DISP=SHR,DSN=AAX1MOD0 
//SYSLIN DD * 
 ORDER ACF50MRG 
 INCLUDE AAX1MOD0(ACF50MRG) 
 INCLUDE AAX1MOD0(ACF$GCVT) 
 ENTRY ACF50MRG
 MODE  AMODE(31),RMODE(ANY)  
 SETCODE AC(1)
 NAME ACFMERGE(R) 

In order to resolve the issue please Relink load module ACFMERGE and change SETCODE AC(0) to SETCODE AC(1), then submit ACFMERGE to successfully update the ACF2 database.

*NOTE - make sure the SYSLIN statements are not in column 1.  They need to start in column 2.

 

Additional Information

For further information on ACFMERGE - Merge Password Information in Database, please review following link:

https://docops.ca.com/ca-acf2-for-z-os/16-0/en/reporting/utilities-for-ca-acf2-administration/acfmerge-merge-password-information-in-database

Powered by Wolken Software