CA CEVM signon getting LDP7005E error for entity CEM.POLICY.ACTION with SAF=4/4/0

Document ID : KB000107803
Last Modified Date : 25/07/2018
Show Technical Document Details
Question:
After installation of CA Compliance Event Manager the first signon is getting  'Other LDP7005E User U201814 denied access to class CACEM, entity CEM.POLICY.ACTION, access level READ, SAF=4/4/0', what causes this error?
Answer:
The error 'Other LDP7005E User U201814 denied access to class CACEM, entity CEM.POLICY.ACTION, 
access level READ, SAF=4/4/0' return codes indicate the following: 

RACROUTE return codes: 

04 Requested function could not be completed. No RACF decision. 

04 The specified resource is not protected by RACF. If PROTECTALL is active, no profile is found, and the      user ID whose authority was checked does not have the SPECIAL attribute, RACF returns a return code X'08' instead of a return code X'04' and denies access. 

       00 One of the following has occurred: 
  • There is no RACF profile protecting the resource. 
  • RACF is not active. 
  • Specified class is not in the RACF class descriptor table. 
  • Specified class (other than DSNR) is not active. 
  • Specified class requires SETROPTS RACLIST option to be active and it is not. 
  • CLASS TEMPDSN was active and the data set is a temporary data set. REQUEST=AUTH Chapter 3. System Macros 43 
  • A userid of *BYPASS* has been passed on the authorization check. No profile checking will occur. 
I verified that the following RACROUTE AUTH call is issued from the CEMELDAP server for the CEM.POLICY.ACTION resource: 

JOBNAME: CEMELDAP USERID: CEMSTC 
PROGRAM: BPXPTATT RB CURR: BPXPTATT APF: YES SFR/RFR: 4/4:0 
RACROUTE REQUEST=AUTH,CLASS='CACEM',RELEASE=1.9,STATUS=NONE, 
ATTR=READ,DSTYPE=N,DECOUPL=YES, 
ENTITYX=('CEM.POLICY.ACTION'),FILESEQ=0,GENERIC=ASIS, 
LOG=ASIS,MSGRTRN=YES,MSGSP=10,MSGSUPP=YES,TAPELBL=STD, 
USERID='U201814',WORKA= 

Based on the RACROUTE call and the return codes we recommend checking with the RACF security administrator to verify the above possible causes that may have occurred.