This article is a summary of what to look for when the external security is not working as expected, and what type of information CA's technical support requires to resolve the problem(s).
If you have an external security problem, first check for the informational DB00220I message at Multi-User Startup. If this message does not appear in the system messages at startup, external security is not in effect.
DB00220I EXTERNAL SECURITY ACTIVE FOR cxxname ON product WITH resource class
- cxxname is the name of the CXX.
- The product or feature displayed is one of the following:
RAT CICS DQ
RAT OTHER DQ
SQL OTHER DQ
SQL CICS DQ
- The resource class is displayed for any of the SQL and RAT (record-at-a-time) paths that are secured and is one of the valid table resource classes as specified in the external security definition and the Multi-User startup options.
To support the new class-and-path definitions, error message DB00205E is issued. The format for this message is as follows:
DB00205E MULTI-USER ? ERROR - nnnn SUBID=x (SVC=yyy) (mufname) (groupname)
Explanation: An error occurred while initiating the Multi-User Facility in the SUBID x. If "MUFNAME=" has been specified in the DBSYSID macro of the DBSIDPR module, the "SUBID=" in the message text is replaced by "MUFNAME=".
When the ERROR is 1081, the message is followed by mufname groupname.
mufname Name of the Multi-User Facility for which the security check failed groupname Name of the group for which the security check failed
User Response: If nnnn is less than 100, see Chapter 8, "SVC Error Codes" on page 8-1 for a description of the problem and take the appropriate action. If nnnn is greater than 1000, see the error descriptions in the CA Datacom/DB Message Guide.
Information to Provide to Technical Support:
Be prepared to provide the following information to our Technical Support staff:
- What type of external security is supposed to be in effect?
- What resources have been defined in external security product?
- What are the messages received at Multi-User startup, specifically the DB00220I message and if any DB00205E messages?
- What does the Multi-User Startup Option SECURITY indicate?
- Is CAISSF installed?
- What is coded for the DBSIDPR CASEC= parameter?
- What is coded for the DBCVTPR USERID= parameter?
- If using external security to secure online access, review the requirements documented in the section on Enabling Online Signons in the CA Datacom Security Guide.