When trying to print from CICS users are getting CICS message DFHAC2003, what is causing this?

Document ID : KB000025861
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

When trying to print from CICS users are getting CICS message DFHAC2003, what is causing this?

 

Description:

The following message can occur when the ACF2/CICS ACF2PARM SIGNON PRINTERS=YES is coded and the printer/terminal is not defined as "receive only".
DFHAC2003 date time applid Security violation has been detected term id = termid, trans id = tranid, userid = userid.

 

Answer:

The ACF2/CICS ACF2PARM parameter PRINTERS=YES determines whether terminals defined as printers are implicitly signed on, terminals that are defined as "receive only" fall into this category. "receive only" corresponds to terminals defined with RDO attribute TTI(NO).

Top Secret and ACF2 treats TTI(NO) different from RACF. This is basically a philosophical difference between RACF and Top Secret/ACF2. If TTI(NO) is coded, Top Secret/ACF2 assumes the request could not have come from the device and does not validate it against the user signed onto the device. If the terminal is defined with RDO attribute TTI(YES) the DFHAC2003 message will occur. To correct the error change the RDO attribute to TTI(NO).