Getting the RC=13 at the CA Mainframe Software Manager Tomcat Server (MSMTC) started task.

Document ID : KB000051025
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

At the startup of CA Mainframe Software Manager Tomcat Server (MSMTC) you get the error:

SafManager - initialiseDSI() : Return code from DDSI_java_open is higher then zero. RC=13
FATAL 2009-10-08 12:19:18,361 (SystemManager.java:224): SafError
    Attached diagnostic text:
        Error during DSI java open. RC=13

And then started task ends.

Solution:

There are 3 possibilities which could cause the error.

  1. The DSI port is already in use by another application.
  2. There is a difference in the port number between DSI and the port using with CA Mainframe Software Manager Tomcat.
  3. MSM cannot find the IP address the DSI server is running on.

If you don't need the extra DSI security in CA Mainframe Software Manager, you can turn it OFF by defining IJO="$IJO -Dactivate.saf.manager=false" in the msm.SAMPLIB(MSMLIB) member.

However if security is required in CA Mainframe Software Manager, then see below description.

During the setup of CA Mainframe Software Manager the port number is specified at the MSMDSIPORTNO parameter and placed into the MSMSetupOptionsFile.properties.

...
#-------------------------CA MSM parms-------------------------------#
#Specify three unique unused port numbers for CA MSM
#Recommended default value is 21120 for MSM Server Port No
MSMServerPortNo=21120
 
#Recommended default value is 21130 for MSM DSI Server Port No
MSMDSIPORTNO=21130
 
#Recommended default value is 21140 for MSM Redirect Port No
MSMConnectorRedirectPortNo=21140
...

The port number specified in MSMDSIPORTNO needs to be unique and cannot be shared with other DSI interfaces.

During the install the value is stored at 3 places:

  1. The dsi.conf file is stored in the RunTimeUSSPath/dsi/, where RunTimeUSSPath is a parameters of MSMSetupOptionsFile.properties. Default path is .../msmserv/rt/dsi/dsi.conf
  2. The msm.SAMPLIB member DBINIT (DBUPDATE).
  3. The CA Mainframe Software Manager database.

ad 1. Verify Content of dsi.conf (usually in .../msmserv/rt/dsi/dsi.conf)

###############################################################
### This is the DSI Server component configuration file
###############################################################
#
###############################################################
host localhost        <-- sometimes localhost does not work, use 127.0.0.1
###############################################################
port 22130            <-- verify that port is available via onetstat from uss console
###############################################################
#TLSKeyringFile /u/users/msmdev/dsi/cert/CA_SelfSigned_Server.kdb
###############################################################
#TLSKeyringStash /u/users/msmdev/dsi/cert/CA_SelfSigned_Server.sth
###############################################################
#TLSKeyLabel "Cert for SelfSigned Server"
###############################################################
#TLSVerifyClient ON
###############################################################

Issue manually from uss console rmtauthz -f <path to dsi.conf> -d 65535 eg.

cd .../msmserv/rt/lib
rmtauthz -f .../msmserv/rt/dsi/dsi.conf -d 65535

Output of successful startup of rmtauthz:

[03:27:38.909965|3B58610000000001] @(#) $CA Distributed Security Integration for z/OS: rmtauthz 14SP1.2010.0129 $
BRUEW01@XAD1:/a/devbin/EIGProds/dsi2/branches/r14sp1/release/server
[03:27:38.910119|3B58610000000001] read_config: reading config file /msmserv/rt/dsi/dsi.conf
[03:27:38.910164|3B58610000000001] line 6 (host localhost)
[03:27:38.910201|3B58610000000001] line 8 (port 22130)
[03:27:38.923623|3B58610000000001] ==> daemon_init(localhost,22130)
[03:27:39.213892|3B58610000000001] ch_calloc(1,64,SIdaemon.c,217) ==> 3AD83DE8
[03:27:39.213970|3B58610000000001] daemon_open_listener: trying to open listener 127.0.0.1:22130
[03:27:39.215013|3B58610000000001] daemon_open_listener: opened listener on 4 for 127.0.0.1:22130
[03:27:39.215050|3B58610000000001] daemon_init: 1 listener opened
[03:27:39.215122|3B58610000000001] ==> connections_init
[03:27:39.215152|3B58610000000001] ch_calloc(1,56,SItpool.c,242) ==> 3AD83EB0
[03:27:39.215972|3B58610000000001] ch_calloc(2048,240,SIconn.c,140) ==> 3ADC3028
[03:27:39.216031|3B58610000000001] <== connections_init - rc=0
[03:27:39.216088|3B58610000000001] daemon_init: wake_sds={5,6}
[03:27:39.216384|3B58610000000001] <== daemon_init(localhost,22131) ==> 0
[03:27:39.216732|3B58610000000001] rmtauthz started.
[03:27:39.216745|3B52450000000002] ==> daemon_stop(*)
[03:27:39.216781|3B52450000000002] +++OPRICOMM() ==> F062D0
[03:27:39.216973|3B52450000000002] +++OPRISCNT(F062D0,8) ==> 0
[03:27:39.216996|3B693F0000000003] ==> daemon_task()
[03:27:39.217011|3B52450000000002] Operator communications thread sleeping
[03:27:39.217047|3B693F0000000003] daemon_task: select: readfds={4,5}

Verify content of SAMPLIB(MSMLIB)

IJO="$IJO -Ddebug.dsi.server=true"                     <-- enable debug messages from rmtauthz
IJO="$IJO -Ddebug.saf.manager=true"                    <-- enable debug messages from rmtauthz
IJO="$IJO -Dlogfile.saf.manager=/tmp/dsi_client.log"   <--- path log file from rmtauthz, you need r/w access to /tmp folder

Turn on SAF logger via log4j.properties, file is in .../msmserv/rt/webapps/MSM/WEB-INF/classes

log4j.rootLogger=error, dd
 
#
# Appender definitions
#
log4j.logger.com.ca.mf20.saf=debug           <-- enable debug level of SAF component in CA MSM

ad 2/3. Verify Content of database via sql:

 //xxxxxxx JOB (xxxxxxxxx),'xxxxxxx',
// MSGCLASS=X,CLASS=K
//*********************************************************************
//*********************************************************************
//* *
//*JOBLIB DD DSN=HLQ.CUSLIB replace HLQ by HLQ of you MSM installation*
//* DSN=HLQ.CAILIB replace HLQ by HLQ of you MSM installation*
//* *
//*********************************************************************
//*********************************************************************
//B2UP OUTPUT DEST=LOCAL,JESDS=ALL,DEFAULT=Y,
// PAGEDEF=32D3,CHARS=GT20,FORMDEF=P2B111
//JOBLIB DD DSN=MF20.MSM.SYS2.SMPR.CUSLIB,
// DISP=SHR
// DD DSN=MF20.MSM.SYS2.SMPR.CAILIB,
// DISP=SHR
// DD DSN=SYSDEV.CCS.LINKLIB,
// DISP=SHR
// DD DSN=CEE.SCEERUN,DISP=SHR
// DD DSN=CEE.AIGZMOD1,DISP=SHR
//*
//SQLEXEC EXEC PGM=DBSQLPR,
// PARM='prtWidth=1500,inputWidth=80'
//SYSUDUMP DD SYSOUT=*
//SYSPRINT DD SYSOUT=*
//STDERR DD SYSOUT=*
//STDOUT DD SYSOUT=*
//OPTIONS DD *
AUTHID=CASWMGT  
/* 
//SYSIN DD *  
SELECT * FROM USERCONFIG WHERE KEY like 'dsi%' 
/*

Figure 1

dsiHost does not have to be specified in this case, the default value "localhost" is used.

Verify that values match those vaules in dsi.conf.

  • dsiHost = host, 127.0.0.1 can be used instead of localhost.
  • dsiPort = port,
  • dsiConf points to proper dsi.conf file.

To change values in the database you can use either SQL statement or DBUPDATE technique.

SQL statements:

            value of port can be changed (sql for change of dsiPort  to 8875) :
                     update userconfig set value='8875' where username='$SYSTEM' and key='dsiPort'
             value of dsiConf can be changed (sql for change of dsiConf  to /dsi.conf) :
                     update userconfig set value='/dsi.conf ' where username='$SYSTEM' and key='dsiConf'
             new line can be inserted for dsiHost = 127.0.0.1
                     insert into userconfig values ('$SYSTEM', 'dsiHost','127.0.0.1')

DBUPDATE technique:

copy the msm.SAMPLIB member DBINIT to DBUPDATE.

Change the appropriate statements in the DBUPDATE member.

       #dsiHost=localhost
       dsiPort=22130
       #dsiConf=/u/users/mr3/msmruntime/dsi/dsi.conf

to (remove the #)

       dsiHost=localhost
       dsiPort=22130
       dsiConf=/a/thosa04/mr3/msmruntime/dsi/dsi.conf

then copy the DBINIT DD statement in the MSMTC job and change the new DBINIT DD into the DBUPDATE DD.

Pointing to this new/changed DBUPDATE SAMPLIB member. And comment out the DBINIT for this first run.

The MSMTC procedure then looks like:

             //*DBINIT  DD DSN=CAMSM.RUN.SAMPLIB(DBINIT),
             //*           DISP=SHR
             //DBUPDATE DD DSN=CAMSM.RUN.SAMPLIB(DBUPDATE),
             //            DISP=SHR

Restart MSMTC, once you finish testing comment out DBUPDATE DD.

             //DBINIT  DD DSN=CAMSM.RUN.SAMPLIB(DBINIT),
             //           DISP=SHR
             //*DBUPDATE DD DSN=CAMSM.RUN.SAMPLIB(DBUPDATE),
             //*            DISP=SHR

Expected output of Tomcat

INFO  (main) 2010-10-22 13:45:51,686 (DBComponent.java:80): Database connection initialized.
INFO  (main) 2010-10-22 13:45:55,349 (PrivilegeChecker.java:627): isSecurityEnabled) : Security enabled=true
INFO  (main) 2010-10-22 13:45:55,351 (PrivilegeChecker.java:627): isSecurityEnabled) : Security enabled=true
DEBUG (main) 2010-10-22 13:45:55,438 (SafManager.java:111): SafManager() : instance created.
DEBUG (main) 2010-10-22 13:45:55,439 (SafManager.java:390): SafManager - onSystemStartup() : start
INFO  (main) 2010-10-22 13:45:55,439 (SafManager.java:463): Parameters of SAF manager.
INFO  (main) 2010-10-22 13:45:55,440 (SafManager.java:464): Port: 22131
INFO  (main) 2010-10-22 13:45:55,441 (SafManager.java:465): Host: localhost
INFO  (main) 2010-10-22 13:45:55,441 (SafManager.java:466): Log file: '/tmp/dsi_client.log'
INFO  (main) 2010-10-22 13:45:55,442 (SafManager.java:467): Is debug enabled: true
INFO  (main) 2010-10-22 13:45:55,495 (SafManager.java:475): Configuration file: '/a/vlcvi01/msmserv-R3/rt/dsi/dsi.conf'
INFO  (main) 2010-10-22 13:45:55,496 (SafManager.java:476): Config file content:
INFO  (main) 2010-10-22 13:45:55,497 (SafManager.java:477): ###############################################################
### This is the DSI Server component configuration file
###############################################################
#
###############################################################
host localhost
###############################################################
port 22131
###############################################################
#TLSKeyringFile /u/users/msmdev/dsi/cert/CA_SelfSigned_Server.kdb
###############################################################
#TLSKeyringStash /u/users/msmdev/dsi/cert/CA_SelfSigned_Server.sth
###############################################################
#TLSKeyLabel "Cert for SelfSigned Server"
###############################################################
#TLSVerifyClient ON
###############################################################
DEBUG (main) 2010-10-22 13:45:55,497 (SafManager.java:393): SafManager - onSystemStartup() : config file: /a/vlcvi01/msmserv-R3/rt/dsi/dsi.conf  
DEBUG (main) 2010-10-22 13:45:55,509 (SafManager.java:273): SafManager - initialiseDSI() : start
INFO  (main) 2010-10-22 13:45:55,526 (SafManager.java:289): DSI client log file set to '/tmp/dsi_client.log'
INFO  (main) 2010-10-22 13:45:55,529 (SafManager.java:318): SafManager - initialiseDSI() : Certificates were set.
DEBUG (main) 2010-10-22 13:45:55,529 (SafManager.java:320): SafManager - initialiseDSI() : end
DEBUG (main) 2010-10-22 13:45:57,554 (SafManager.java:326): openDsiConnection start.
INFO  (main) 2010-10-22 13:45:57,595 (SafManager.java:352): Security product: RTSS
INFO  (main) 2010-10-22 13:45:57,596 (SafManager.java:353): Security product version: 14.0
DEBUG (main) 2010-10-22 13:45:57,600 (SafManager.java:446): SafManager - onSystemStartup() : end