CAMASTER commands and RACF definitions.

Document ID : KB000032881
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue:

When I am issuing the command:

F CAMASTER,START COMPONENT=CAVARSRV

 

I get the error message:

IEE345I COMMAND AUTHORITY INVALID, FAILED BY SECURITY

ICH408I USER(A99380 ) GROUP(£GZS ) NAME(MYNAME) 
CAMASTER.START CL(OPERCMDS) INSUFFICIENT ACCESS AUTHORITY
FROM ** (G) ACCESS INTENT(CONTROL) ACCESS ALLOWED(NONE )

 

 

Environment: 

 

CA Common Services r14.1

IBM RACF security product

 

 

Cause:

 

There are no RACF definitions for the START command for the CAMASTER address space.

  

Resolution:

 
The communication with the CAMASTER address space is accomplished with MVS operator MODIFY commands in the following format:

F CAMASTER,command

The security resource class for these commands is OPERCMDS. The resource entity name is CAMASTER.command for all available commands.

 

Command:

F CAMASTER,START COMPONENT=component

Security resource:

OPERCMDS(CAMASTER.START)

 

The START command requires a user to have CONTROL access to permit the execution of START commands. Here is an example of the RACF commands to define the related resource and to grant access to a specific user.

RDEFINE OPERCMDS CAMASTER.** UACC(NONE)

PERMIT CAMASTER.START CLASS(OPERCMDS) ID(userid) ACCESS(CONTROL)

 

Additional Information:  

 

For more information about the CAMASTER address space, you can refer to the CA Common Services for z/OS r14.1 Reference Guide.