PQ59488: MISSING RACF DEFINITIONS GENERATED | |||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||
APAR status Closed as fixed if next. Error description The RACF definitions generated by the ispf customization dialogs for OPERCMDS are missing a permission for the system management control region identity to start naming and ir. This is required during bootstrap processing. The following failure is encountered: 14.09.34 STC01345 START BBONM.NAMING01,SRVNAME='NAMING01',PARMS='-ORBCBI COLD' 14.09.34 STC01345 IEE345I START AUTHORITY INVALID, FAILED B SECURITY PRODUCT 14.09.34 STC01345 ICH408I USER(SYSWSMC ) GROUP(CBCTL1 ) NAME( SYSMGT CR ) MVS.START.STC.BBONM.NAMING01 CL(OPERCMDS) INSUFFICIENT ACCESS AUTHORITY This is what is generated: "PERMIT MVS.START.STC.** CLASS(OPERCMDS) ID(SYSWSDM SYSWSMS) || , "PDATE)" "PERMIT MVS.STOP.STC.** CLASS(OPERCMDS) ID(SYSWSDM SYSWSMS) A || , "DATE)" "PERMIT MVS.MODIFY.STC.** CLASS(OPERCMDS) ID(SYSWSDM SYSWSMS) || , "UPDATE)" "PERMIT MVS.CANCEL.STC.** CLASS(OPERCMDS) ID(SYSWSDM SYSWSMS) || , "UPDATE)" "PERMIT MVS.FORCE.STC.** CLASS(OPERCMDS) ID(SYSWSDM SYSWSMS) || , "ONTROL)"Local fix Issue racf command to provide this authority. A sample follows: "PERMIT MVS.START.STC.** CLASS(OPERCMDS) ID(<sm ctl ident>) || , "PDATE)"Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V4.0.1 for z/OS and OS/390 * **************************************************************** * PROBLEM DESCRIPTION: If the authorization for Operator * * Commands (OPERCMDS) is set by the * * "WebSphere for z/OS Customization" * * Dialog, boostrap processing fails. * * The following failure is encountered: * * IEE345I START AUTHORITY INVALID, * * FAILED BY SECURITY PRODUCT * * ICH408I USER(XXXXXXX ) GROUP(CBCTL1 ) * * NAME(SYSMGT CR ) * * MVS.START.STC.BBONM.NAMING01 * * CL(OPERCMDS) * * INSUFFICIENT ACCESS AUTHORITY * **************************************************************** * RECOMMENDATION: * **************************************************************** The RACF definitions generated by the "WebSphere for z/OS Customization" Dialog for OPERCMDS are missing a permission for the system management control region identity to start the naming and Interface Repository Servers.Problem conclusion Temporary fix Comments This APAR is being closed FIN with concurrence from the submitting customer. A solution to this problem will be delivered in a WebSphere Application Server for z/OS and OS/390 release within the next 18 months.
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ59488
IBM Group: Software Group
Modified date: Apr 30, 2002
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.