Job submitted using ROUTE command with userid ACFJOBID

Document ID : KB000122998
Last Modified Date : 13/12/2018
Show Technical Document Details
Issue:
Attempting to submit a  batchjob using the ROUTE command in Netmaster but an unexpected userid is utilized and the job fails.

Example:
An NCL executes EXEC $DSCALL OPT=SUBMIT DSN=pds(member).
If the user is logged on and executes the NCL the job submits and executes under the user's userid.
If the user executes the NCL as follows: at *+00.00.00 ROUTE=NETMOPER CMD=VSTEST1 the job gets submitted but the user is not Netmaster operator background userid (default NM01OPER) nor is it the user's id. 

The messages in the syslog are: 
14:26:23.67 STC32951 00000094 #3749 START TESTJOB 
14:26:23.67 STC32951 00000094 N12501 TIMER COMMAND 3749 PURGED, EXECUTION LIMIT REACHED 
14:26:23.67 STC32951 00000094 STARTING NCL testjob =========================================== 
14:26:23.67 STC32951 00000094 #3749 EXEC $DSCALL OPT=SUBMIT DSN=SYS1.NETMSTR.COMMANDS(IEFBR14) 
14:26:23.70 00000090 OPM4200I MESSAGE: 'oi bftwtor $HASP100 ZNETV451 ON INTRDR OH1-0039  NSS FROM STC32951 NETMIP' 
14:26:23.70 JOB40039 00000295 $HASP100 ZNETV451 ON INTRDR OH1-0039 NSS FROM STC32951 NETMIP 
14:26:23.70 JOB40039 00000295 $HASP913 ZNETV451 ACF01004 INVALID LOGON ACFJOBID SDEV 
14:26:23.70 JOB40039 00000295 $HASP913 ZNETV451 $ACFJ213 CANCELLED BY ACF2 (ACF01004) 
14:26:23.71 STC32951 00000094 N03906 START VSTEST1 PROCESSING COMPLETE. NCLID 283393 
14:26:24.10 INTERNAL 00000290 SE '14.26.24 JOB40039 $HASP165 ZNETV451 ENDED AT SDEV - JCL ERROR', LOGON,USER=(ACFJOBID) 
14:26:24.10 INTERNAL 00000291 IKJ142I INVALID USERID(S) ACFJOBID 


Is there a way to maintain the original userid or send the id of the route operator in the submit request? 
Resolution:
It is not possible to pass the user's userid with the ROUTE command, but the operator ID can be used.
To facilitate this:
1. Ensure the NM01OPER* userid is defined to external security. The definition should be the same as for NM01BSYS*
2. Change the SXCTL member to use CONCHECK YES.
   To locate the member, look at the RUNSYSIN member in the TESTEXEC and do a FIND on SXCTL.
    It will generally point to an SXxxxxxx member in the PARMLIB.


* The 4 character prefix for background userids is either taken from
    1. the NMSUP parameter (if present) or
    2. the NMDID parameter
   in the RUNSYSIN.

 
Additional Information:
From the Netmaster Security manual:
CONCHECK { YES | NO }
  • Controls the checking of console user IDs. These user IDs are for system consoles.
    • YES
      (Default) The console user ID is presented to SAF.
    • NO
      The console user ID is not presented to SAF.
    Note: If CONCHECK YES is specified, this user ID is presented before the CONUID user ID is presented.
NETMThe CONCHECK parameter in the SXCTL member controls cVerified NETMOPER is defined in ACF2. Changed SXCTL to CONCHECK YES The ROUTE command is now passing NETMOPER instead of ACFJOBID.