The Endevor ship setup was defined as:
The RACF option of batchallracf was defined to the host: What does this mean?
When you specify BATCHALLRACF, any batch job that does not have a RACF-defined user specified on the USER parameter of the JOB statement, or propagated security information associated with it, fails.
Specifying NOBATCHALLRACF allows such jobs to run.
To prevent unauthorized users from running batch jobs, enter the following:
RACF was getting a security violation when using the alternate user id or the user id defined in the package ship.
This was causing a deadly embrace since they could not run the confirmation at all.