Using external security data set protection - avoid S913 abends

Document ID : KB000021023
Last Modified Date : 14/02/2018
Show Technical Document Details


You are securing datasets by an external security package like CA Top Secret , CA ACF2 or IBM RACF.

The Datacom Multi-User gets an S913 abend during startup.


The CA Datacom and CA Datacom/AD Best Practices guide documents the following:

Protect CA Datacom/DB Critical System and User Data Sets from Non-Datacom Access

Secure the CA Datacom/DB critical system and user data sets to protect against an accidental or planned intrusion. These data sets are both non-database "system" data sets and those data sets that house system and user databases. Certain system data sets can contain customer data in a readable form.

The CA Datacom/DB external security interface can protect access to the system data sets, systems database data sets, and user database data sets. It does not protect against direct data set access using tools such as IEBGENER or IEBCOPY.

System data sets for CXX, FXX, LXX, RXX should be externally secured and should be fully accessible by the user ID who submits the Datacom Multi-User or ENF when running with an IMUF(internal Multi-User running in the same address space as ENF).

If you are securing other system datasets like the PXX , data sets for system databases or data sets for user databases then these must be fully accessible to the user ID submitting the Multi-User.