I am trying to execeute an IMS command that is controlled by the ACF2/IMS interface. I get messages ACFDC040 and ACF04056 Which state that I am getting a violation - but I am allowed to issue the command successfully.

Document ID : KB000045296
Last Modified Date : 14/02/2018
Show Technical Document Details

Problem:

We had a developer who logged on to one of our production IMS Subsystem thinking it was a test environment. 
He was able to issue a /ASSIGN TRAN command despite not having authority: 
ACFDC040 LOGONID DZW4SH SOURCE VPL20512 ACCESS TO COMMAND ASSIGN 
ACF04056 ACCESS TO RESOURCE ASSIGN TYPE RC16 BY DZW4SH NOT AUTHORIZED 
/ASS TRAN OSW1I07 CLASS 2 
DFS058I  ASSIGN COMMAND COMPLETED 

I reviewed the rules that govern the IMS Commands for ASSIGN and verified that he does not have authority to this command.

 

Resolution: 

ACF2/IMS uses the DFSCCMD0 exit point in IMS.
if there is another version of DFSCCMD0 in the IMS RESLIB - ACF2 will pass control to that module if CMDMCS is set to either B or C.

The default IMS version of this module will allow access.

If you rename the module in the IMS reslib - the outcome of the ACF2 validation will be honored