After installation of CA Compliance Event Manager the first signon is getting 'Other LDP7005E User U201814 denied access to class CACEM, entity CEM.POLICY.ACTION, access level READ, SAF=4/4/0', what causes this error?
The error 'Other LDP7005E User U201814 denied access to class CACEM, entity CEM.POLICY.ACTION,
access level READ, SAF=4/4/0' return codes indicate the following:
RACROUTE return codes:
04 Requested function could not be completed. No RACF decision.
04 The specified resource is not protected by RACF. If PROTECTALL is active, no profile is found, and the user ID whose authority was checked does not have the SPECIAL attribute, RACF returns a return code X'08' instead of a return code X'04' and denies access.
00 One of the following has occurred:
I verified that the following RACROUTE AUTH call is issued from the CEMELDAP server for the CEM.POLICY.ACTION resource:
- There is no RACF profile protecting the resource.
- RACF is not active.
- Specified class is not in the RACF class descriptor table.
- Specified class (other than DSNR) is not active.
- Specified class requires SETROPTS RACLIST option to be active and it is not.
- CLASS TEMPDSN was active and the data set is a temporary data set. REQUEST=AUTH Chapter 3. System Macros 43
- A userid of *BYPASS* has been passed on the authorization check. No profile checking will occur.
JOBNAME: CEMELDAP USERID: CEMSTC
PROGRAM: BPXPTATT RB CURR: BPXPTATT APF: YES SFR/RFR: 4/4:0
Based on the RACROUTE call and the return codes we recommend checking with the RACF security administrator to verify the above possible causes that may have occurred.