PK01668: APAR PQ91919 does not eliminage WebSphere's unexpected use of CBS390 as domain name even when customer 05/02/24 PTF PEREMOVE | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description APAR PQ91919 does not eliminate WebSphere for z/OS's use of the APPL name CBS390 if the APPL profile CBS390 is defined, but the user has changed his domain short name to something else.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V5.0 for z/OS * **************************************************************** * PROBLEM DESCRIPTION: Three problems exist when a security * * prefix is defined. * * . * * The first is: * * . * * CORBA::NO_PERMISSION with minor code * * C9C24006 on RMI/IIOP connections * * . * * A RACF error is displayed on the * * console : * * ICH408I USER(WSCRUSR ) GROUP(WSCFGG ) * * NAME(WAS APPSRV CR ) * * CB.BIND.<server> CL(CBIND ) * * INSUFFICIENT ACCESS AUTHORITY * * FROM CB.* (G) * * ACCESS INTENT(READ ) * * ACCESS ALLOWED(NONE ) * * . * * The Second is: * * . * * A login failure may occur in the * * servant if a user is not authorized * * to the CBS390 APPL profile * * . * * An error such as the following * * may be seen on the console : * * ICH408I USER(WZN101AS) GROUP(STC ) * * NAME(APPLICATIoN SERVER) * * CBS390 CL(APPL ) * * WARNING: INSUFFICIENT AUTHORITY - * * TEMPORARY ACCESS ALLOWED * * FROM CBS* (G) * * . * * The third is: * * . * * A controller will be unable to * * use a passticket as a security * * mechanism to another server. A * * CORBA::NO_PERMISSION with minor * * code C9C24086 will be thrown in * * the target server. Messages * * BBOS0003E and BBOS0018E will * * appear in the target server log. * * . * * BBOS0003E initACEE (IRRSIA00) * * failed for MVS Userid: CBSYMSR1, * * with APPLID: MYAPPL, with SAF * * Return Code=8, RACF Return Code=8, * * RACF Reason Code=20. * * . * * BBOS0018E MSG_BBOSENUS_SEC_INV_PW_PTK * * RACF - Password or Passticket is not * * valid during init_acee create * * * **************************************************************** * RECOMMENDATION: * **************************************************************** All the failures occured because the application server incorrectly used the default CBS390 as the APPL profile instead of the user specified security prefix.Problem conclusion The paths that were still using the default CBS390 were changed to use the user specified security prefix. APAR PK01668 is associated with SERVICE LEVEL W502028 of WebSphere Application Server V5.0 for z/OS.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: PK01662 APAR is sysrouted TO one or more of the following: UK02482 Modules/Macros
Publications Referenced
|
Document Information |
Current web document: swg1PK01668.html
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PK01668
IBM Group: Software Group
Modified date: May 2, 2005
(C) Copyright IBM Corporation 2000, 2009. All Rights Reserved.