DSNT408I SQLCODE = -552, ERROR: xxxxxxxx DOES NOT HAVE THE PRIVILEGE TO PERFORM OPERATION CREATE STOGROUP

book

Article ID: 6794

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction

Our DBA is getting the below error, which is NOT showing up in the CA Top Secret TSSUTIL report. The correct resources were permitted and the ACID was refreshed, but the error still occurs. 

DSNT408I SQLCODE = -552, ERROR: xxxxxxxx DOES NOT HAVE THE PRIVILEGE TO PERFORM OPERATION CREATE STOGROUP

where 'xxxxxxxx' is the 8 character ACID for the secondary authid. 

This occurs when using SPUFI (in TSO). 

Cause

The 8 character secondary authid ACID was being truncated to 7 characters (the first 7 characters) because UIDACID=7 was set on the TSO facility. When using SPUFI, the signon for the secondary authid happens under the TSO facility. (Most of the DB2 signons happen under the facility the requesting user originates from.) 

Environment

Release: TOPSDB00200-1.3-Top Secret-Security-Option for DB2 UDB
Component:

Resolution

Set UIDACID=8 on the TSO facility or use 7 character (or less) secondary authids.