Getting ACF2 ACF99913 Violation with a SCOPE DSN high-level index name, why?
A SCOPE record grants no special privileges to a user. A SCOPE record provides you with a means to delegate security administration to other logonids and limit the power of those logonids.
For example adding a DSN hlq ABCDEF to a SCOPE record's DSN data set high-level index names does not give the logonid access to that hlq, it allows that logonid to administer dataset access rules for the hlq ABCDEF.
In order for logonid USER001 to have access dataset ABCDEF.CNTLFILE the dataset access rule ABCDEF needs to be updated to allow logonid USER001 access.