Security message 'INSUFFICIENT AUTHORITY TO OPEN' for CFGOUT DD occurs in CCITCP or CCITCPGW

Document ID : KB000121282
Last Modified Date : 15/11/2018
Show Technical Document Details
Issue:
Security message 'INSUFFICIENT AUTHORITY TO OPEN' for CFGOUT DD occurs in CCITCP or CCITCPGW after applying CCI PTF RO94761:

ICH408I USER(CCITCP ) GROUP(TSKCCIT ) NAME(CA DRAS STC ) 531 
DD:CFGOUT CL(DIRACC ) FID(01C3D3D7F1D7F461BC07000000000003) 
INSUFFICIENT AUTHORITY TO OPEN 
ACCESS INTENT(-W-) ACCESS ALLOWED(OTHER R-X) 
EFFECTIVE UID(0000004010) EFFECTIVE GID(0000004001) 

 
Environment:
  • z/OS 2.x
  • Common Services 14.1
Cause:

 
Resolution:
Since the customer had applied CCI PTF RO94761, the following DD statement needed to be added to the CCITCP and CCITCPGW procs:

//CFGOUT DD SYSOUT=*

The use of this DD was added with TLS 1.1 and 1.2 support for CCIxxx/CCIxxxGW. The CCISSL/CCISSLGW procs were updated to include it, but the CCITCP and CCITCPGW procs were not redelivered with the update.