When connecting to VSE with VSE Health Checker installed on a PC, we receive TSS7100E, TSS9405E and IESC1026I error messages

Document ID : KB000055260
Last Modified Date : 14/02/2018
Show Technical Document Details

Problem:

We have installed VSE Health Checker on a PC, and started VSE connector server STARTVCS. When trying to connect to the connector server from the PC, we receive the following messages on the console:

TSS7100E 031 J=STARTVCS A=*NOACID* T=N/A F=BATCH-INTERFACE ERROR 1
TSS9405E NO AUTHORITY FOR INTERNAL SECURITY FUNCTION ( )
IESC1026I CLIENT SESSION DENIED FOR USER: SYSA

Resolution:

CA Top Secret acids using the VSE Connector Server require the following user attributes:

  1. Assign the Interactive Interface (II) application profile or selection panel using the Keyword IESINIT

    CA Top Secret Command:
        TSS ADD(user-acid) IESINIT(IESEADM)
  2. Assign the II user type using the Keyword IESTYPE.

    CA Top Secret Command:
        TSS ADD(user-acid) IESTYPE(USERTYPE1,NEW,SELECT)
    USERTYPE x => Defines overall user characteristics. Replace the x with one of the following values:

    1. VSE System Administrator (Includes access to ICCF)
    2. Programmer/Operator (Includes access to ICCF)
    3. General Application User.

  3. Assign the following attributes to the II users using the Keyword IESFL1.

    CA Top Secret Command:
        TSS ADD(user-acid) IESFL1(BAT,PSL,COD,VSAM)
    BAT => Allows the user to submit jobs to VSE Batch.
    PSL => Assigns a Primary Sublibrary.
    COD => Requires confirmation when deleting POWER jobs or ICCF members.
    VSAM => Allows the user to define VSAM files and libraries and process catalogs

  4. Assign additional attributes to the II users through the Keyword IESFL2.

    CA Top Secret Command:
        TSS ADD(user-acid) IESFL2(BQA,ESC,COU,CMD,OLPD,XRM)
    BQA => Allows the user to manage all POWER jobs.
    ESC => Permits the user to escape to a native CICS session.
    COU => Displays all messages on the console.
    CMD => Allows the user to get a master console and enter all commands.
    OLPD => Allows the user to delete OLPD incident records.
    XRM => Allow the user to maintain resource profiles within the Interactive

Interface. These resource profiles include the user, application, and selection profiles.

You can add all the attributes to a user at once using the following Online Command:

TSS ADD(user-acid) IESINIT(IESEADM) IESTYPE(USERTYPE1,NEW,SELECT)
IESFL1(BAT,PSL,COD,VSAM) IESFL2(BQA,ESC,COU,CMD,OLPD,XRM)

As you will notice this example will define an administrator which has full authorization

Output from CA Top Secret transaction TSS:

TSS LIST(SIE1) DATA(ALL) 
ACCESSORID = SIE1      NAME       = JOHN DOE 
TYPE       = CENTRAL   SIZE       =      512  BYTES 
FACILITY   = *ALL* 
CREATED    = 07/25/01  LAST MOD   = 10/04/01  09:29 
PROFILES   = PROFGEN   PRFIRMSY 
LAST USED  = 10/05/01 11:23 CPU(VSEA) FAC(BATCH   ) COUNT(00991) 
-----------  SEGMENT CICS 
OPCLASS    = 01 
OPIDENT    = SYA 
-----------  SEGMENT IESIS 
IESFL1     = BAT,COD,VSAM 
IESFL2     = BQA,ESC,COU,CMD,OLPD,XRM 
IESINIT    = IESEADM 
IESTYPE    = USERTYPE1,NEW,SELECT 
-----------  ADMINISTRATION AUTHORITIES 
RESOURCE   = *ALL* 
   ACCESS  = ALL 
ACID       = *ALL* 
FACILITIES = *ALL* 
LIST DATA  = *ALL*,PROFILES,PASSWORD,PWVIEW 
MISC1      = *ALL* 
MISC2      = *ALL* 
MISC3      = SDT 
MISC8      = LISTSTC,LISTRDT,REMASUSP,MCS,LISTSDT 
MISC9      = *ALL* 
TSS0300I  LIST     FUNCTION SUCCESSFUL