UPDATE Access Not Granted to Dataset AUTOSCR

Document ID : KB000095053
Last Modified Date : 08/05/2018
Show Technical Document Details
Question:
At startup of Vantage the following security violation occurred:

TSS7220E 102 J=SAMS A=SAMSUSR VOL=VOL001 ACC=UPDATE DSN=CA.VANT.AUTOSCR
TSS7227E UPDATE Access Not Granted to Dataset CA.VANT.AUTOSCR               
IEC150I 913-38,IFG0194E,SAMS,SAMS,SYS01312,2005,VOL001,  369                 
CA.VANT.AUTOSCR

Why does the Vantage Userid SAMSUSR needs UPDATE access to the AUTOSCR library at startup?
We have never seen this before and it is no problem to update or create new automation scripts using the Windows Client.

 
Answer:
This can happen if an automation script in the AUTOSCR library has been created or has been changed using
ISPF EDIT. Vantage maintains internal information in the PDS Directory entry for each script. If such a script is
created or changed using ISPF EDIT, this information is lost. This is detected at startup and Vantage tries to update
the PDS directory with this internal information.
In order to update the PDS directroy UPDATE ACCESS to the script library is required.

It is correct, that scripts can be created or changed using the Windows Client, even if the Vantage USERID
does not have UPDATE ACCESS to the script library, as in this case the update is performed under the security
context of the logged on TSO User, who must have appropriate permission to the library.
 
Additional Information:
For Security requirements for Data Sets used by Vantage see chapter  "Startup Configuration"
https://docops.ca.com/ca-vantage-storage-resource-manager/14-0/en/installing/startup-configuration

For details on PDS Directory Statistics see
https://docops.ca.com/ca-vantage-storage-resource-manager/14-0/en/reference/reference-data-sets#ReferenceDataSets-PDSDirectoryStatistics