Our DBA is getting the below error, which is NOT showing up in the CA Top Secret TSSUTIL report. The correct resources were permitted and the ACID was refreshed, but the error still occurs.
DSNT408I SQLCODE = -552, ERROR: xxxxxxxx DOES NOT HAVE THE PRIVILEGE TO PERFORM OPERATION CREATE STOGROUP
where 'xxxxxxxx' is the 8 character ACID for the secondary authid.
This occurs when using SPUFI (in TSO).
The 8 character secondary authid ACID was being truncated to 7 characters (the first 7 characters) because UIDACID=7 was set on the TSO facility. When using SPUFI, the signon for the secondary authid happens under the TSO facility. (Most of the DB2 signons happen under the facility the requesting user originates from.)
Release: TOPSDB00200-1.3-Top Secret-Security-Option for DB2 UDB
Set UIDACID=8 on the TSO facility or use 7 character (or less) secondary authids.