CA ACF2 15.0 CA RS 1306 Service List · PDF fileCA RS 1306 Service List ... CAS2260E CIARTLGR...
Transcript of CA ACF2 15.0 CA RS 1306 Service List · PDF fileCA RS 1306 Service List ... CAS2260E CIARTLGR...
CA ACF2 15.0 1
CA RS 1306 Service ListCA ACF2 15.0 1
CA RS 1306 Service List
Release Service Description Hiper
15.0 RO49252 ABEND 0C4 WITH CIA, GARBAGE HI-ORDER WORD 64-BIT ADDRESSES
RO50449 IMS ACF01004 W/UNPRINTABLE LID AT STARTUP
RO50887 ADD USER DEFINED FIELDS FOR CIA REAL-TIME
RO50982 INSERT KEYSMSTR SSIGNON FAILS
RO51382 ENVIRONMENT SERVICE IGNORES BPX.DAEMON.HFSCTL
RO51878 S0C4 EIP PROGRAM CALLED BY ACFEDSEC FOR #SECUR FROM CICS
RO52030 IMS STORAGE DEPLETION IF TPIPE SEC AND NO OTMA RECORD **HIPER**
RO52548 GSO REFRESH FROM ACF COMMAND GETS ACF79549 PROMPT
RO52779 ABEND 0C4 IN CAS4DSRV
RO53262 CORRECT LOAD PROBLEM WITH DATACOM INTERFACE MODULE
RO53646 ADD NPWPEXIT TO GSO EXITS PANEL
RO53745 CICS: SUPPORT CICS TS (CTS) REL 5.1 FOR Z/OS
RO54052 ADD INTERNAL CLASMAP RECORDS FOR DATACOM
RO54101 S013-C0 ABEND TIME SERIES FACILITY ERROR HANDLING
RO54224 ACFESAGE S002-01 PROCESSING HEX USER LID FIELDS
RO54233 MDLC;COMPARE/VMIDLEOP/HEX
RO54470 0C4 ACF79DBS DB SWITCH FROM ACF COMMAND
RO54770 0C4 CAS4DSRV ACCESSING DELETED CDE ADDRESS
RO54786 ISSUE LOG MSG IF CICS SIGNON GETS ACFAE134 RESPONSE
RO54825 ROLE - REMOVE DELETED LID FROM INCL/EXCL PARAMETER
RO54826 ENFORCE UNIQUENESS FOR UID/GID WHEN USING AUTOUID/AUTOGID
RO54829 ALLOW SYMBOLIC NAME IN GSO LINKLST
RO54831 MOVE CERTIFICATE TABLE TO 64-BIT COMMON STORAGE
RO54833 ALLOW CANCELLED/SUSPENDED LOGONID TO BE USED IN EXTRACT
RO54836 LINKLST - ALLOW MASKING IN DATA SET NAMES
RO54882 STARTING STATS AFTER STATG IS ACTIVE GETS 0C1
RO56371 NEWCOPY FAILS FOR SUFFIXED PGMS AFTER ACFE=NEWC=CAKSLMT
RO58015 ADD VSAMFAIL CONTROL OPTION
RO58369 LOGONID DB CHANGED RESOURCE PRE/POST EXIT WITH RO45722 **HIPER**
The CA RS 1306 service count for this release is 29
CA ACF2 14.0 2
CA RS 1306 Service ListCA ACF2 14.0 2
CA RS 1306 Service List
Release Service Description Hiper
14.0 RO54091 ACF00178 ON CERT INSERT FROM PKCS#12
RO54453 INSERT KEYSMSTR SSIGNON FAILS
RO55633 RECOVER SAMPJCL JOB HAS SHAREOPTIONS 2 4
RO55651 SUPPORT CICS TS (CTS) REL 5.1 FOR Z/OS
RO55873 ENTER MEANINGFUL TITLE LIMIT 42 CHARACTERS
RO55874 New msg ACFAE174 if user lacks CICS bit
RO56112 ENV SERVICE IGNORES BPX.DAEMON.HFSCTL
The CA RS 1306 service count for this release is 7
CA ACF2 3
CA RS 1306 Service List for CAX1F00CA ACF2 3
CA RS 1306 Service List for CAX1F00
FMID Service Description Hiper
CAX1F00 RO49252 ABEND 0C4 WITH CIA, GARBAGE HI-ORDER WORD 64-BIT ADDRESSES
RO50887 ADD USER DEFINED FIELDS FOR CIA REAL-TIME
RO50982 INSERT KEYSMSTR SSIGNON FAILS
RO51382 ENVIRONMENT SERVICE IGNORES BPX.DAEMON.HFSCTL
RO51878 S0C4 EIP PROGRAM CALLED BY ACFEDSEC FOR #SECUR FROM CICS
RO52548 GSO REFRESH FROM ACF COMMAND GETS ACF79549 PROMPT
RO52779 ABEND 0C4 IN CAS4DSRV
RO53262 CORRECT LOAD PROBLEM WITH DATACOM INTERFACE MODULE
RO53646 ADD NPWPEXIT TO GSO EXITS PANEL
RO54052 ADD INTERNAL CLASMAP RECORDS FOR DATACOM
RO54101 S013-C0 ABEND TIME SERIES FACILITY ERROR HANDLING
RO54224 ACFESAGE S002-01 PROCESSING HEX USER LID FIELDS
RO54233 MDLC;COMPARE/VMIDLEOP/HEX
RO54470 0C4 ACF79DBS DB SWITCH FROM ACF COMMAND
RO54770 0C4 CAS4DSRV ACCESSING DELETED CDE ADDRESS
RO54825 ROLE - REMOVE DELETED LID FROM INCL/EXCL PARAMETER
RO54826 ENFORCE UNIQUENESS FOR UID/GID WHEN USING AUTOUID/AUTOGID
RO54829 ALLOW SYMBOLIC NAME IN GSO LINKLST
RO54831 MOVE CERTIFICATE TABLE TO 64-BIT COMMON STORAGE
RO54833 ALLOW CANCELLED/SUSPENDED LOGONID TO BE USED IN EXTRACT
RO54836 LINKLST - ALLOW MASKING IN DATA SET NAMES
RO54882 STARTING STATS AFTER STATG IS ACTIVE GETS 0C1
RO58015 ADD VSAMFAIL CONTROL OPTION
RO58369 LOGONID DB CHANGED RESOURCE PRE/POST EXIT WITH RO45722 **HIPER**
The CA RS 1306 service count for this FMID is 24
CA ACF2 4
CA RS 1306 Service List for CAX1F03CA ACF2 4
CA RS 1306 Service List for CAX1F03
FMID Service Description Hiper
CAX1F03 RO53745 CICS: SUPPORT CICS TS (CTS) REL 5.1 FOR Z/OS
RO54786 ISSUE LOG MSG IF CICS SIGNON GETS ACFAE134 RESPONSE
RO56371 NEWCOPY FAILS FOR SUFFIXED PGMS AFTER ACFE=NEWC=CAKSLMT
The CA RS 1306 service count for this FMID is 3
CA ACF2 5
CA RS 1306 Service List for CAX1F04CA ACF2 5
CA RS 1306 Service List for CAX1F04
FMID Service Description Hiper
CAX1F04 RO50449 IMS ACF01004 W/UNPRINTABLE LID AT STARTUP
RO52030 IMS STORAGE DEPLETION IF TPIPE SEC AND NO OTMA RECORD **HIPER**
The CA RS 1306 service count for this FMID is 2
CA ACF2 6
CA RS 1306 Service List for CX1E000CA ACF2 6
CA RS 1306 Service List for CX1E000
FMID Service Description Hiper
CX1E000 RO54091 ACF00178 ON CERT INSERT FROM PKCS#12
RO54453 INSERT KEYSMSTR SSIGNON FAILS
RO55633 RECOVER SAMPJCL JOB HAS SHAREOPTIONS 2 4
RO56112 ENV SERVICE IGNORES BPX.DAEMON.HFSCTL
The CA RS 1306 service count for this FMID is 4
CA ACF2 7
CA RS 1306 Service List for CX1E052CA ACF2 7
CA RS 1306 Service List for CX1E052
FMID Service Description Hiper
CX1E052 RO55651 SUPPORT CICS TS (CTS) REL 5.1 FOR Z/OS
RO55873 ENTER MEANINGFUL TITLE LIMIT 42 CHARACTERS
RO55874 New msg ACFAE174 if user lacks CICS bit
The CA RS 1306 service count for this FMID is 3
CA ACF2 15.0 8
CA RS 1306 - PTF RO49252 DetailsCA ACF2 15.0 8
CA RS 1306 - PTF RO49252 Details
Release Service Details15.0 RO49252 RO49252 M.C.S. ENTRIES = ++PTF (RO49252)
ABEND 0C4 WITH CIA, GARBAGE HI-ORDER WORD 64-BIT ADDRESSES
PROBLEM DESCRIPTION:
There is a possibility of an S0C4 abend in various CIA
modules due to garbage in the hi-order word of a
64-bit address.
This can only happen when doing Stats Gathering.
It will not happen for everybody using Stats
Gathering. There has to be garbage in the hi-order word
of a 64-bit address we are using.
Symptoms:
ACF79STS DIAGNOSTIC DUMP
CAS2260E CIARTLGI S0C4 at xxxxxxxx LMOD CIARTLGI CSECT N/A
CAS2260E CIARTLGR S0C4 at xxxxxxxx LMOD CIARTLGM CSECT N/A
ACFFE100 ACF79TMR S0C4 AT xxxxxxxx LMOD SAFRT101
Impact:
Stats fail to be sent to Chorus.
Circumvention:
Set GSO CHORUS to NOSTATG.
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9388
Copyright (C) 2012 CA. All rights reserved. R00692-ACF150-SP1
DESC(ABEND 0C4 WITH CIA, GARBAGE HI-ORDER WORD 64-BIT ADDRESSES) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO36462 RO36573 RO48337 )
SUP ( BR36462 TR37709 RO37709 TR49218 TR49252 )
++HOLD (RO49252) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (12296)
COMMENT (
SMP APPLY, LLA refresh, 'F ACF2,CHRSTAT(STOP)',
'F ACF2,CHRSTAT(START)', 'F ACF2,CIA(STOP),
'F ACF2,CIA(START)', 'F ACF2,NEWMOD(SAFRT101),
and stop and start the CIARTUPD proc
required to install this fix.
).
CA ACF2 15.0 9
CA RS 1306 - PTF RO50449 DetailsCA ACF2 15.0 9
CA RS 1306 - PTF RO50449 Details
Release Service Details15.0 RO50449 RO50449 M.C.S. ENTRIES = ++PTF (RO50449)
IMS ACF01004 W/UNPRINTABLE LID AT STARTUP
PROBLEM DESCRIPTION:
After installation of IMS r11.1 PUT03, CA ACF2 for z/OS IMS support
code may generate error message ACF01004 with an unprintable logonid
shortly after startup for the IMS control region. The message is
caused by a zeros in the userid pointer in the IBM DFSYRTUP parameter
list passed to ACF2/IMS to validate the user's access to a TPIPE. The
pointer contains binary zeros, which causes ACF2/IMS to pick up 8 bytes
of storage beginning at location 0 and to attempt to sign that presumed
logonid on. Since the contents of locations 0 through 7 will never
contain a valid logonid, the attempted signon fails with message
ACF01004. So far the problem has been reported only on IMS r11.1 and
only following client application of PUT03, but the potential for
occurrence on other releases exists and so the fix will apply to all
supported IMS releases.
The fixes for this problem will cause the IMS default logonid to be used
for the validation if the userid pointer is binary zeros.
SYMPTOMS:
If this problem occurs, the following message will appear on the system
console shortly after IMS control region startup:
ACF01004 LOGONID - - NOT FOUND <IMS region ID>
IMPACT:
The IMS control region continues to function normally. No effect other
than the message has been reported.
CIRCUMVENTION:
None. Apply the fix when it becomes available.
PRODUCTS AFFECTED:
CA ACF2 for z/OS IMS support Release 14.0
Release 15.0
Star Problem(s):
ACF2MS 9409
Copyright (C) 2012 CA. All rights reserved. R00722-ACF150-SP1 00460001
DESC(IMS ACF01004 W/UNPRINTABLE LID AT STARTUP) .
++VER (Z038) 00500001
FMID (CAX1F04) 00510001
PRE ( RO37222 ) 00520001
SUP ( TR50449 ) 00530001
. 00540001
++HOLD (RO50449) SYSTEM FMID(CAX1F04) 00550001
REASON (DYNACT ) DATE (12313) 00560001
COMMENT ( 00570001
SMP apply, LLA refresh if needed, and restart of affected IMS control 00580001
regions required to install this PTF. 00590001
). 00600001
CA ACF2 15.0 10
CA RS 1306 - PTF RO50887 DetailsCA ACF2 15.0 10
CA RS 1306 - PTF RO50887 Details
Release Service Details15.0 RO50887 RO50887 M.C.S. ENTRIES = ++PTF (RO50887)
ADD USER DEFINED FIELDS FOR CIA REAL-TIME
PROBLEM DESCRIPTION:
This solution enhances CA ACF2 base support for User-Defined Fields (UDF)
in the Compliance Information Analysis (CIA) component batch load
and real-time processes. This solution updates the existing
method and support for handling user-defined fields in CIA. The following
enhancements are included in this solution:
1. Updated method for supporting UDFs in CIA batch processes.
2. Support added for UDFs in CIA real-time.
3. Support added for multi-valued UDFs.
4. Support added for UDFs in a Datacom AD database.
5. Support added for different UDFs on multiple systems.
6. UDF implementation has been simplified.
This support will also add the UID String to the SYSINFO table.
It also corrects the following situation.
A user can specify a globalid in the Chorus record that is not the
same as the globalid specified or defaulted in the CIA Unload Utility
GLOBALID input control statement, which causes out of synch CIA data.
SYMPTOMS:
The current User-Defined Field (UDF) support in CIA has several issues:
1. UDFs are not supported in CIA real-time process.
2. Multi-valued UDFs are not supported.
3. Datacom AD doesn't allow database definition changes, which are
needed to support UDFs.
4. Different UDFs on multiple systems are not supported.
5. UDF implementation is complicated.
When CIA real-time is active, if a globalid in the Chorus record is
different than the globalid in the CIA Unload Utility GLOBALID input
control statement, the user data will be mismatched and out of synch
in the CIA Repository when new user records are added to the IDMAP
table in the Repository. In addition, this can adversely impact CIA
reporting that returns information about what data a user has access
to on a system(s) based on the single globalid value that maps all of
a user's existing userids.
IMPACT:
New and existing ACF2 r15 clients using CIA real-time and Chorus 2.5.
CIRCUMVENTION:
There is none for UDFs or the UID being added to the SYSINFO table.
If you specified a GLOBALID input control statement in the CIA Unload
Utility SYSIN file when you unloaded your security data, specify the
same globalid value in the CIAGEXIT or CIAGFLD globalid field in the
Chorus record.
If you did not specify a GLOBALID input control statement in the CIA
Unload Utility SYSIN file when you unloaded your security data (i.e.,
the globalid value was defaulted), do not specify a value in either
the CIAGEXIT or CIAGFLD field of the Chorus record.
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9415
Copyright (C) 2013 CA. All rights reserved. R00730-ACF150-SP1
DESC(ADD USER DEFINED FIELDS FOR CIA REAL-TIME) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO36462 RO36573 RO47699 RO54052 )
SUP ( TR49987 RO49987 TR50887 )
++HOLD (RO50887) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13064)
COMMENT (
Product: Release:
CA ACF2 for z/OS Release 15.0
Sequence:
If you are not leveraging the CIA Real-time feature available with the
CA ACF2 15.0 11
CA RS 1306 - PTF RO50887 Details
Release Service DetailsCA Chorus product, the following implementation instructions are
needed:
SMP APPLY, LLA REFRESH required to install this apar.
If you are leveraging the CIA Real-time feature available with the
CA Chorus product, the following implementation instructions are
needed:
SMP APPLY and IPL with CLPA required to install this APAR.
Purpose:
Add USER defined fields support for CIA Real-Time
Relevance:
All users
Knowledge required:
1- Product Administration
2- SMP/e
3- z/OS Systems Programming
4- Security Administration
Access required:
1- SMP/e CSI libraries
2- Security Administrative authority
3- DB2/Datacom authority
4- Operator Console authority
Steps to Perform:
If you are leveraging CIA, the following steps are required. Otherwise
no additional steps are necessary:
1. You must redefine and reload any existing CIA DB2 or Datacom
Repositories using the updated SAMPJCL jobs provided in the
product.
2. If your site is NOT adding user-defined fields in the CIA
repository, you must specify the following input control
statement in the CIAUNLD batch job, which unloads the
CIA data from the security product:
USERFIELD(*NONE*)
3. If your site is adding ALL site user-defined fields to the
CIA Repository, either do not specify any USERFIELD input
control statements or specify the following input control
statement in the CIAUNLD batch job, which unloads the
CIA data from the security product:
USER FIELD(*ALL*)
4. If your site is adding specific user-defined fields,
add a USERFIELD statement for each desired field in the
following format in the CIAUNLD batch job, which unloads
the CIA data from the security product:
USERFIELD(fieldname)
).
CA ACF2 15.0 12
CA RS 1306 - PTF RO50982 DetailsCA ACF2 15.0 12
CA RS 1306 - PTF RO50982 Details
Release Service Details15.0 RO50982 RO50982 M.C.S. ENTRIES = ++PTF (RO50982)
INSERT KEYSMSTR SSIGNON FAILS
PROBLEM DESCRIPTION:
When a KEYSMSTR SSIGNON record is INSERT'ed the INSERT fails if the
the IGVINITFREEMAIN diagnostic trap is enabled. In theory the INSERT
could also happen without IGVINITFREEMAIN being enabled.
SYMPTOMS:
The INSERT fails with no error message or possibly error message:
ACF00079 MUST BE GREATER THAN
IMPACT:
KEYSMSTR SSIGNON record cannot be inserted
CIRCUMVENTION:
If the IGVINITFREEMAIN (dirty FREEMAIN) diagnostic trap is enabled
turn the trap off and issue the INSERT subcommand again.
PRODUCT(S) AFFECTED: CA ACF2 Release 14.0
CA ACF2 Release 15.0
Star Problem(s):
ACF2MS 9419
Copyright (C) 2012 CA. All rights reserved. R00734-ACF150-SP1
DESC(INSERT KEYSMSTR SSIGNON FAILS) .
++VER (Z038)
FMID (CAX1F00)
SUP ( TR50982 )
++HOLD (RO50982) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (12279)
COMMENT (
SMP APPLY, LLA refresh, and 'F ACF2,NEWMOD(ACF00SVA)
required to install this apar.
).
CA ACF2 15.0 13
CA RS 1306 - PTF RO51382 DetailsCA ACF2 15.0 13
CA RS 1306 - PTF RO51382 Details
Release Service Details15.0 RO51382 RO51382 M.C.S. ENTRIES = ++PTF (RO51382)
ENVIRONMENT SERVICE IGNORES BPX.DAEMON.HFSCTL
PROBLEM DESCRIPTION:
The ACF2 support for the RACF Environment Service (IRRENS00)
does not handle the BPX.DAEMON.HFSCTL FACILITY properly. The
environment service program control is incorrectly being
enforced for programs loaded from MVS libraries. It should
only be enforced for Unix files when BPX.DAEMON.HFSCTL FACILITY
access has been set up.
SYMPTOMS:
ACFFF601 ENVIRONMENT IS CONTROLLED - MARK UNCONTROLLED REQUEST REJECTED
IMPACT:
If a daemon with BPX.DAEMON.HFSCTL authorization loads a
program from an uncontrolled MVS library an erroneous
"mark uncontrolled" call is made to IRRENS00.
CIRCUMVENTION:
None
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
CA-ACF2-MVS Release 14.0
Star Problem(s):
ACF2MS 9428
Copyright (C) 2012 CA. All rights reserved. R00743-ACF150-SP1
DESC(ENVIRONMENT SERVICE IGNORES BPX.DAEMON.HFSCTL) .
++VER (Z038)
FMID (CAX1F00)
SUP ( TR51382 )
++HOLD (RO51382) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (12292)
COMMENT (
SMP APPLY and IPL with CLPA required to install this APAR.
).
CA ACF2 15.0 14
CA RS 1306 - PTF RO51878 DetailsCA ACF2 15.0 14
CA RS 1306 - PTF RO51878 Details
Release Service Details15.0 RO51878 RO51878 M.C.S. ENTRIES = ++PTF (RO51878)
S0C4 EIP PROGRAM CALLED BY ACFEDSEC FOR #SECUR FROM CICS
PROBLEM DESCRIPTION:
In a CICS environment, without the CA-ACF2 CICS interface
in place, #SECUR calls issued by CA-ACF2 DB2 may invoke
an EXEC CICS ADDRESS ACEE command. An abend can occur if the
program that is invoked runs in key8 and we pass a work area
that is in key0 storage.
SYMPTOMS:
The following error message is issued:
DUMP TITLE=CAIENF/DB2 interface dump - CASR230F
IMPACT:
The security request fails validation.
CIRCUMVENTION:
None.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 8442
Copyright (C) 2012 CA. All rights reserved. R00756-ACF150-SP1
DESC(S0C4 EIP PROGRAM CALLED BY ACFEDSEC FOR #SECUR FROM CICS) .
++VER (Z038)
FMID (CAX1F00)
SUP ( TR51878 )
++HOLD (RO51878) SYSTEM FMID(CAX1F00)
REASON (IPL ) DATE (12310)
COMMENT (
The following actions are required:
1. SMP APPLY the fix.
2. IPL with CLPA.
).
CA ACF2 15.0 15
CA RS 1306 - PTF RO52030 DetailsCA ACF2 15.0 15
CA RS 1306 - PTF RO52030 Details
Release Service Details15.0 RO52030 RO52030 M.C.S. ENTRIES = ++PTF (RO52030)
IMS STORAGE DEPLETION IF TPIPE SEC AND NO OTMA RECORD
PROBLEM DESCRIPTION:
If a site running CA ACF2 for z/OS IMS support has OTMA TPIPE security
active (either by default or explicitly) and has not specified ACF2
NETWORK records for its OTMA connections, storage depletion will occur
as RESUME TPIPE commands are validated. Storage obtained dynamically
to perform an INFOCALL signon for the logonid issuing each RESUME
TPIPE, in order to validate the command, is not being freed after the
validation.
SYMPTOMS:
If this problem occurs, 31-bit user private area will eventually fill
up with the storage gotten to validate each request. Each storage block
contains an ACVALD parameter list, an ACMCB, and a LID or MLID.
Storage depletion will eventually bring the IMS control region down.
The exact abend depends on what IMS function is unable to obtain
storage.
IMPACT:
The IMS control region crashes and must be restarted. Once it is
restarted, storage depletion will again occur and another crash will
eventually occur. This will continue until the fix is installed or
one of the circumventions is implemented.
CIRCUMVENTION:
Either add an ACF2/IMS RESOURCE record for $TPIPE specifying NOVALIDATE,
or add a NETWORK record for each OTMA link specifying a non-zero DEPTH
value. The latter is preferred and is the way the IMS security options
should be set up if OTMA links are active for the IMS control region.
PRODUCTS AFFECTED:
CA ACF2 for z/OS IMS option Release 14.0
Release 15.0
Star Problem(s):
ACF2MS 9432
Copyright (C) 2013 CA. All rights reserved. R00763-ACF150-SP1
DESC(IMS STORAGE DEPLETION IF TPIPE SEC AND NO OTMA RECORD) .
++VER (Z038)
FMID (CAX1F04)
PRE ( RO37222 )
SUP ( TR50449 RO50449 TR51700 TR52030 )
++HOLD (RO52030) SYSTEM FMID(CAX1F04)
REASON (DYNACT ) DATE (13092)
COMMENT (
SMPE apply and restart of affected IMS regions required to install
this APAR.
).
CA ACF2 15.0 16
CA RS 1306 - PTF RO52548 DetailsCA ACF2 15.0 16
CA RS 1306 - PTF RO52548 Details
Release Service Details15.0 RO52548 RO52548 M.C.S. ENTRIES = ++PTF (RO52548)
GSO REFRESH FROM ACF COMMAND GETS ACF79549 PROMPT
PROBLEM DESCRIPTION:
Issuing an 'F ACF2,REFRESH' command from the ACF command processor
can result in an ACF79549 operator prompt if no record exists. The
prompt should only be done if the command was initiated from a
console. The code in this situation will be changed to fail the
refresh with an ACF79520 message which indicates the request has
been cancelled.
SYMPTOMS:
Issuing 'F ACF2,REFRESH' can result in an ACF79549 prompt to the
console.
IMPACT:
None.
CIRCUMVENTION:
Respond to the acf79549 operator prompt.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 9442
Copyright (C) 2012 CA. All rights reserved. R00776-ACF150-SP1
DESC(GSO REFRESH FROM ACF COMMAND GETS ACF79549 PROMPT) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO32938 RO40234 )
SUP ( TR17989 TR21453 RO21453 TR24637 RO24637 TR26259
RO26259 TR52546 TR52548 )
++HOLD (RO52548) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (12331)
COMMENT (
The following actions are required:
1. SMP APPLY the fix
2. Perform an LLA REFRESH
).
CA ACF2 15.0 17
CA RS 1306 - PTF RO52779 DetailsCA ACF2 15.0 17
CA RS 1306 - PTF RO52779 Details
Release Service Details15.0 RO52779 RO52779 M.C.S. ENTRIES = ++PTF (RO52779)
ABEND 0C4 IN CAS4DSRV
PROBLEM DESCRIPTION:
Abend 0C4 in CAS4DSRV when attempting to access the SMDE_NAME
of the DESERV parameter list. The problem occurs when the DESERV
request has failed and DESL_CODE_SUCC is not set. The failure
occurs in the LLA address space.
SYMPTOMS:
Abend 0C4 in CAS4DSRV at approximetly offset x'1624'.
IMPACT:
N/A.
CIRCUMVENTION:
None.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 9449
Copyright (C) 2012 CA. All rights reserved. R00786-ACF150-SP1
DESC(ABEND 0C4 IN CAS4DSRV) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO40747 )
SUP ( TR30707 RO30707 TR41983 RO41983 TR52630 RO52630
TR52779 )
++HOLD (RO52779) SYSTEM FMID(CAX1F00)
REASON (IPL ) DATE (12361)
COMMENT (
The following actions are required:
1. SMP APPLY the fix
2. Perform an IPL
).
CA ACF2 15.0 18
CA RS 1306 - PTF RO53262 DetailsCA ACF2 15.0 18
CA RS 1306 - PTF RO53262 Details
Release Service Details15.0 RO53262 RO53262 M.C.S. ENTRIES = ++PTF (RO53262)
CORRECT LOAD PROBLEM WITH DATACOM INTERFACE MODULE
PROBLEM DESCRIPTION:
Loading of the Datacom interface module by DSI eventually causes an S906-08
ABEND. The LOAD limit of 32767 is reached because the module is not deleted
at the end of each CIA real-time request.
SYMPTOMS:
S906-08 ABEND by DSI server address space.
Error messages: CSV002I and CSV028I
IMPACT:
S906-08 ABEND by DSI server address space.
Error messages: CSV002I and CSV028I
CIRCUMVENTION:
NONE. Restart the DSI server address space.
PRODUCT(S) AFFECTED: CA ACF2 for z/OS Release 15.0
CA Top Secret for z/OS Release 15.0
Star Problem(s):
ACF2MS 9457
Copyright (C) 2012 CA. All rights reserved. R00801-ACF150-SP1
DESC(CORRECT LOAD PROBLEM WITH DATACOM INTERFACE MODULE) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO47699 )
SUP ( TR53262 )
++HOLD (RO53262) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (12354)
COMMENT (
SMP APPLY, LLA refresh and restart of DSI
required to install this APAR.
).
CA ACF2 15.0 19
CA RS 1306 - PTF RO53646 DetailsCA ACF2 15.0 19
CA RS 1306 - PTF RO53646 Details
Release Service Details15.0 RO53646 RO53646 M.C.S. ENTRIES = ++PTF (RO53646)
ADD NPWPEXIT TO GSO EXITS PANEL
PROBLEM DESCRIPTION:
Add NPWPEXIT support to GSO EXITS panel.
SYMPTOMS:
NPWPEXIT missing from GSO EXITS panel.
IMPACT:
None.
CIRCUMVENTION:
Administer GSO EXITS with ACF command processor.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 9459
Copyright (C) 2012 CA. All rights reserved. R00808-ACF150-SP1
DESC(ADD NPWPEXIT TO GSO EXITS PANEL) .
++VER (Z038)
FMID (CAX1F00)
SUP ( TR53646 )
++HOLD (RO53646) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (12361)
COMMENT (
The following actions are required.
1. SMP install the fix.
).
CA ACF2 15.0 20
CA RS 1306 - PTF RO53745 DetailsCA ACF2 15.0 20
CA RS 1306 - PTF RO53745 Details
Release Service Details15.0 RO53745 RO53745 M.C.S. ENTRIES = ++PTF (RO53745)
CICS: SUPPORT CICS TS (CTS) REL 5.1 FOR Z/OS
PROBLEM DESCRIPTION:
Product updates are required to support the new release of CICS TS 5.1.
In addition to recognizing the new release,
The following new Category 1 transaction codes are recognized:
CISP, CIS1, CJSL, CRST
SYMPTOMS:
Message "ACFAE046 Security Initialization Error" displays at region startup.
IMPACT:
You are Unable to use ACF2 CICS with CICS TS 5.1.
CIRCUMVENTION:
none.
Star Problem(s):
ACF2MS 9270
Copyright (C) 2013 CA. All rights reserved. R00810-ACF150-SP1
DESC(CICS: SUPPORT CICS TS (CTS) REL 5.1 FOR Z/OS) .
++VER (Z038)
FMID (CAX1F03)
PRE ( RO32495 RO35975 RO45361 RO46083 )
SUP ( TR33255 TR33256 RO33256 TR53745 )
++HOLD (RO53745) SYSTEM FMID(CAX1F03)
REASON (ACTION ) DATE (13024)
COMMENT (
SMP APPLY and LLA REFRESH if applicable
required to install this APAR.
In addition, the following ENF SYSMODs are required:
Release 14.0: APAR (RO52036, RO54279)
Release 14.1: APAR (RO52028, RO54378)
).
CA ACF2 15.0 21
CA RS 1306 - PTF RO54052 DetailsCA ACF2 15.0 21
CA RS 1306 - PTF RO54052 Details
Release Service Details15.0 RO54052 RO54052 M.C.S. ENTRIES = ++PTF (RO54052)
ADD INTERNAL CLASMAP RECORDS FOR DATACOM
PROBLEM DESCRIPTION:
This apar defines the following 4 classes to the internal
clasmap table for the CA DATACOM product.
DCTABLE
DTADMIN
DTSYSTEM
DTUTIL
SYMPTOMS:
None
IMPACT:
None
CIRCUMVENTION:
A site could do the following commands in the ACF command:
SET CONTROL(GSO)
INSERT CLASMAP.DCTABLE RESOURCE(DCTABLE) RSRCTYPE(DCT)
INSERT CLASMAP.DTADMIN RESOURCE(DTADMIN) RSRCTYPE(DTA)
INSERT CLASMAP.DTSYSTEM RESOURCE(DTSYSTEM) RSRCTYPE(DTS)
INSERT CLASMAP.DTUTIL RESOURCE(DTUTIL) RSRCTYPE(DTU)
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9463
Copyright (C) 2013 CA. All rights reserved. R00813-ACF150-SP1
DESC(ADD INTERNAL CLASMAP RECORDS FOR DATACOM) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO35100 RO45722 )
SUP ( TR20460 RO20460 TR24617 TR24618 RO24618 TR54031
TR54052 )
++HOLD (RO54052) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13010)
COMMENT (
SMP APPLY and IPL with CLPA required to install this APAR.
).
CA ACF2 15.0 22
CA RS 1306 - PTF RO54101 DetailsCA ACF2 15.0 22
CA RS 1306 - PTF RO54101 Details
Release Service Details15.0 RO54101 RO54101 M.C.S. ENTRIES = ++PTF (RO54101)
S013-C0 ABEND TIME SERIES FACILITY ERROR HANDLING
PROBLEM DESCRIPTION:
Time Series facility abends with a S013-c0.
SYMPTOMS:
IEF196I IEF237I MSTR ALLOCATED TO SYSOUT
$HASP708 ACF2 ???????? OPEN FAILED 406
RC=13 SDB/IRWD VALIDATION ERROR
IEC141I 013-C0,IGG0199G,ACF2,ACF2,SYSOUT
IMPACT:
Product continues running as normal.
CIRCUMVENTION:
None
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9465
Copyright (C) 2013 CA. All rights reserved. R00814-ACF150-SP1
DESC(S013-C0 ABEND TIME SERIES FACILITY ERROR HANDLING) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO36462 )
SUP ( TR54101 )
++HOLD (RO54101) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13011)
COMMENT (
SMP APPLY, LLA refresh, 'F ACF2,CHRSTAT(STOP)' and
'F ACF2,CHRSTAT(START)' required to install this apar.
).
CA ACF2 15.0 23
CA RS 1306 - PTF RO54224 DetailsCA ACF2 15.0 23
CA RS 1306 - PTF RO54224 Details
Release Service Details15.0 RO54224 RO54224 M.C.S. ENTRIES = ++PTF (RO54224)
ACFESAGE S002-01 PROCESSING HEX USER LID FIELDS
PROBLEM DESCRIPTION:
If you attempt to run CA ACF2 for z/OS offload utility ACFESAGE against
an ACF2 backup database which includes hex-format user fields in the
logonid record, an S002-1 abend may occur when the program attempts to
write out the 0215 offload record for the user field.
SYMPTOMS:
If the problem occurs, ACFESAGE execution will terminate with an S002-1
abend.
IMPACT:
The ACFESAGE output file is unusable. Attempts to rerun the utility
will also fail with S002-1 abends.
CIRCUMVENTION:
None. Apply the fix when it becomes available.
PRODUCTS AFFECTED:
CA ACF2 for z/OS Release 15.0
Star Problem(s):
ACF2MS 9468
Copyright (C) 2013 CA. All rights reserved. R00816-ACF150-SP1
DESC(ACFESAGE S002-01 PROCESSING HEX USER LID FIELDS) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO19351 RO21351 RO21734 RO26996 RO36463 RO39136
RO44641 RO47863 )
SUP ( TR27780 RO27780 TR54224 )
++HOLD (RO54224) SYSTEM FMID(CAX1F00)
REASON (DYNACT ) DATE (13016)
COMMENT (
SMP apply, LLA refresh if needed, and rerun ACFESAGE to install this
PTF.
).
CA ACF2 15.0 24
CA RS 1306 - PTF RO54233 DetailsCA ACF2 15.0 24
CA RS 1306 - PTF RO54233 Details
Release Service Details15.0 RO54233 RO54233 M.C.S. ENTRIES = ++PTF (RO54233)
MDLC;COMPARE/VMIDLEOP/HEX
Problem description:
COMPARE command output has a problem comparing the VMIDLEOP field. The
COMPARE output should show the described field value and not a binary
representation.
SYMPTOMS:
The COMPARE output is showing VMIDLEOP in binary, not in described
field value.
IMPACT:
None.
CIRCUMVENTION:
None.
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9458
Copyright (C) 2013 CA. All rights reserved. R00817-ACF150-SP1
DESC(MDLC;COMPARE/VMIDLEOP/HEX) .
++VER (Z038)
FMID (CAX1F00)
SUP ( TR21740 TR21744 RO21744 TR52945 TR53187 RO53187
TR54233 )
++HOLD (RO54233) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13024)
COMMENT (
SMP APPLY, LLA refresh required to install this APAR.
).
CA ACF2 15.0 25
CA RS 1306 - PTF RO54470 DetailsCA ACF2 15.0 25
CA RS 1306 - PTF RO54470 Details
Release Service Details15.0 RO54470 RO54470 M.C.S. ENTRIES = ++PTF (RO54470)
0C4 ACF79DBS DB SWITCH FROM ACF COMMAND
PROBLEM DESCRIPTION:
An abend 0C4 in ACF79DBS can occur if the CA ACF2 database switch
command is issued from the ACF command.
SYMPTOMS:
The following abend message is issued:
CCSR010E ACF79DBS S0C4 at xxxxxxxx LMOD ACF8AMA0 CSECT ACF79DBS
+0013CC ACF2 N/A ACF2
IMPACT:
The command fails.
CIRCUMVENTION:
Only issue the database switch command from a console.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 9471
Copyright (C) 2013 CA. All rights reserved. R00824-ACF150-SP1
DESC(0C4 ACF79DBS DB SWITCH FROM ACF COMMAND) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO41317 )
SUP ( TR35058 RO35058 TR54470 )
++HOLD (RO54470) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13025)
COMMENT (
The following actions are required:
1. SMP APPLY the fix.
2. Perform an LLA REFRESH
3. Restart ACF2
).
CA ACF2 15.0 26
CA RS 1306 - PTF RO54770 DetailsCA ACF2 15.0 26
CA RS 1306 - PTF RO54770 Details
Release Service Details15.0 RO54770 RO54770 M.C.S. ENTRIES = ++PTF (RO54770)
0C4 CAS4DSRV ACCESSING DELETED CDE ADDRESS
PROBLEM DESCRIPTION:
An 0C4 in CAS4DSRV is possible when accessing a CDE that has
since been deleted. The invalid address in REG 14 results in
the 0C4 abend. The failure is timing related.
SYMPTOMS:
Abend 0C4 in CAS4DSRV at approximately offset x'16A2'.
IMPACT:
The 0C4 abend results in an SVC dump.
CIRCUMVENTION:
None.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 9481
Copyright (C) 2013 CA. All rights reserved. R00832-ACF150-SP1
DESC(0C4 CAS4DSRV ACCESSING DELETED CDE ADDRESS) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO40747 )
SUP ( TR30707 RO30707 TR41983 RO41983 TR52630 RO52630
TR52779 RO52779 TR54770 )
++HOLD (RO54770) SYSTEM FMID(CAX1F00)
REASON (IPL ) DATE (13050)
COMMENT (
The following actions are required:
1. SMP APPLY the fix.
2. Perform an IPL.
).
CA ACF2 15.0 27
CA RS 1306 - PTF RO54786 DetailsCA ACF2 15.0 27
CA RS 1306 - PTF RO54786 Details
Release Service Details15.0 RO54786 RO54786 M.C.S. ENTRIES = ++PTF (RO54786)
ISSUE LOG MSG IF CICS SIGNON GETS ACFAE134 RESPONSE
PROBLEM DESCRIPTION:
If you try to signon to a CICS system protected by ACF2/CICS and the
logonid you use does not have the CICS authorization bit for for that
region, your signon will fail. If you are signing on from a terminal,
you will receive error message ACFAE134 but the fact of the signon
failure will not be recorded anywhere else. No message is written to
either the ACFLOG file or to the CTS region's job log, and no SMF record
indicating the signon failure is created.
The ACFAE134 message is not suitable for display in the ACFLOG file or
the region's job log, since it does not identify the logonid whose
signon failed or the source from which the signon request came.
The signon process must be altered to at least issue a new message
identifying the logonid whose signon failed and the source from which
the request came.
SYMPTOMS:
If you attempt to sign on to a CTS region using a logonid which does
not have authorization for that reason, you will receive the following
message at your terminal:
ACFAE134 You are not authorized to use this CICS region
IMPACT:
If the signon came from a terminal, you will receive the message and
be able to notify your security administrator. However, if the signon
came from a non-terminal source or one which is incapable of receiving
error messages, it may not be obvious that the signon failed or why.
CIRCUMVENTION:
None.
PRODUCTS AFFECTED:
CA ACF2 for z/OS CICS support Release 14.0
Release 15.0
Star Problem(s):
ACF2MS 9450
Copyright (C) 2013 CA. All rights reserved. R00834-ACF150-SP1
DESC(ISSUE LOG MSG IF CICS SIGNON GETS ACFAE134 RESPONSE) .
++VER (Z038)
FMID (CAX1F03)
PRE ( RO31941 RO32495 RO46083 RO53745 )
SUP ( TR54786 )
++HOLD (RO54786) SYSTEM FMID(CAX1F03)
REASON (DYNACT ) DATE (13038)
COMMENT (
SMP APPLY, LLA REFRESH if applicable
and restart of CICS
required to install this APAR.
).
CA ACF2 15.0 28
CA RS 1306 - PTF RO54825 DetailsCA ACF2 15.0 28
CA RS 1306 - PTF RO54825 Details
Release Service Details15.0 RO54825 RO54825 M.C.S. ENTRIES = ++PTF (RO54825)
ROLE - REMOVE DELETED LID FROM INCL/EXCL PARAMETER
PROBLEM DESCRIPTION:
When a delete logonid is issued, the logonid and its associated
user profiles records are deleted.
The possible reference to the logonid in the INCLUDE and EXCLUDE
statements of the roles records are however unchanged.
This has a direct security impact if a new user is added to the LID
database and get assigned the former deleted Logonid.
The new user acquires automatically the roles authorizations that
the former logonid had.
SYMPTOMS:
Re-insert of deleted LID, get roles previously assigned to the deleted
LID.
IMPACT:
A inserted LID may get roles assigned he should not have.
CIRCUMVENTION:
Delete manually the entries in the INCLUDE parameter of the
ROLE concerned, F ACF2,NEWXREF,TYPE(ROL).
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9326
Copyright (C) 2013 CA. All rights reserved. R00835-ACF150-SP1
DESC(ROLE - REMOVE DELETED LID FROM INCL/EXCL PARAMETER) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO20695 RO25305 RO25852 RO27471 RO27580 RO30328
RO35100 RO36462 RO36896 RO41317 RO42279 RO45722
RO50067 )
SUP ( RO25919 TR25919 TR50776 TR51501 TR52921 TR54825 )
++HOLD (RO54825) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13105)
COMMENT (
Product: CA-ACF2-MVS Release: 15.0
Sequence: After Apply
Purpose: Activate change without IPL
Relevance: All users
Knowledge required: Operator commands
Access required: z/OS Operator console
Steps to Perform:
1. LLA Refresh
2. F ACF2,NEWMOD(ACF9C000)
3. F ACF2,NEWMOD(ACF00SVA)
4. F ACF2,NEWMOD(ACF99SVC)
).
CA ACF2 15.0 29
CA RS 1306 - PTF RO54826 DetailsCA ACF2 15.0 29
CA RS 1306 - PTF RO54826 Details
Release Service Details15.0 RO54826 RO54826 M.C.S. ENTRIES = ++PTF (RO54826)
ENFORCE UNIQUENESS FOR UID/GID WHEN USING AUTOUID/AUTOGID
PROBLEM DESCRIPTION:
When AUTOUID/AUTOGID is specified while inserting an OMVS profile record,
the value assigned comes from the range of IDs on the AUTOIDOM GSO record.
The code does not currently force the assigned value to be unique.
This also applies to the initUSP, getUMAP and getGMAP callable services
that can generate UID/GID values when the UNIQUSER option is defined in the
UNIXOPTS GSO record. The assigned UID/GID value might be unique but it was
not guaranteed to be unique.
SYMPTOMS:
Automatically assigned UID/GID values are not checked for uniqueness.
IMPACT:
Multiple users/groups could receive the same UID/GID.
CIRCUMVENTION:
Make sure no ids are in use between UIDNEXT(GIDNEXT) and UIDEND(GIDEND)
values in the AUTOIDOM record. Also, issue F ACF2,REB(USR),C(P) and
F ACF2,OMVS(UID or GID) after each insert or change of the OMVS profile
records
PRODUCT(S) AFFECTED: CA ACF2 Release 15.0
Star Problem(s):
ACF2MS 9289
INCREASE X(SGP) X(RGP) RECORD SIZE TO 16K
PROBLEM DESCRIPTION:
X(SGP) and X(RGP) records still have a maximum length of 4K even when
RULELONG is turned on with larger INFOSTG databases. With this enhancement,
the maximum length of the X(SGP) and X(RGP) records will be 16K, assuming
the INFOSTG database has a size of 16K or more.
SYMPTOMS:
Unable to enter or add values to X(SGP) or X(RGP) records.
IMPACT:
Multiple records are required
CIRCUMVENTION:
None.
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9345
Copyright (C) 2013 CA. All rights reserved. R00836-ACF150-SP1
DESC(ENFORCE UNIQUENESS FOR UID/GID WHEN USING AUTOUID/AUTOGID) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO21293 RO25852 RO26856 RO30328 RO32871 RO32938
RO33981 RO34915 RO35100 RO35876 RO35888 RO36462 RO36896
RO36913 RO42626 RO45571 RO45722 RO46801 RO47699 RO54825 )
SUP ( TR23566 TR26186 TR16952 TR17909 TR34214 TR17134
TR34271 TR34561 TR35878 TR36993 TR36998 TR37278 TR39050
RI41254 TR41114 TR42623 RO34271 RO34561 RO36998 RO37278
TR36549 TR43056 TR44280 RO44280 TR45951 TR49462 TR49475
RO26186 TR54713 RO23566 RO34214 RO35878 RO39050 RO42623
RO45951 RO49475 RO54713 TR46207 TR47606 TR48255 TR49547
TR49598 TR51502 TR51989 TR52064 TR52922 TR53412 TR54721
TR54826 )
++HOLD (RO54826) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13105)
COMMENT (
Product: CA-ACF2-MVS Release: 15.0
Sequence: After Apply
Purpose: Activate change without IPL
Relevance: All users
Knowledge required: Operator commands
Access required: z/OS Operator console
Steps to Perform:
1. LLA Refresh
).
CA ACF2 15.0 30
CA RS 1306 - PTF RO54829 DetailsCA ACF2 15.0 30
CA RS 1306 - PTF RO54829 Details
Release Service Details15.0 RO54829 RO54829 M.C.S. ENTRIES = ++PTF (RO54829)
ALLOW SYMBOLIC NAME IN GSO LINKLST
PROBLEM DESCRIPTION:
Enhancement to allow specification of System Symbols in the InfoStor
GSO LINKLST Dataset Name Specification
SYMPTOMS:
Not Applicable
IMPACT:
Not Applicable
CIRCUMVENTION:
Not applicable
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9401
Copyright (C) 2013 CA. All rights reserved. R00838-ACF150-SP1
DESC(ALLOW SYMBOLIC NAME IN GSO LINKLST) .
++VER (Z038)
FMID (CAX1F00)
SUP ( TR51336 TR52924 TR54829 )
++HOLD (RO54829) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13105)
COMMENT (
Product: CA-ACF2-MVS Release: 15.0
Sequence: After Apply
Purpose: Activate change without IPL
Relevance: All users
Knowledge required: Operator commands
Access required: z/OS Operator console
Steps to Perform:
1. LLA Refresh
2. F ACF2,NEWMOD(ACF00SVA)
).
CA ACF2 15.0 31
CA RS 1306 - PTF RO54831 DetailsCA ACF2 15.0 31
CA RS 1306 - PTF RO54831 Details
Release Service Details15.0 RO54831 RO54831 M.C.S. ENTRIES = ++PTF (RO54831)
MOVE CERTIFICATE TABLE TO 64-BIT COMMON STORAGE
PROBLEM DESCRIPTION:
The certificate table resides in CSA or in the ACF2 address space storage.
The table will no longer be obtained in the ACF2 address space and will
always reside in either CSA (if the operating system does not support 64
bit common storage or there are too few to warrent moving from CSA) or in
64 bit common storage.
SYMPTOMS:
New functionality
IMPACT:
New functionality
CIRCUMVENTION:
None.
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9402
NO LONGER HONOR 1.3.14.3.2.29 SIGNATURE ALGORITHM
PROBLEM DESCRIPTION:
1.3.14.3.2.29 is one of two Object identifiers that identify the
sha1withRSAEncryption signature algorithm. Confusion over which one to
use lead to the 1.3.14.3.2.29 algorithm being deprecated years ago. This
meant that you should no longer use the OID when generating certificates
but you should support the OID for signature verification for backward
compatability.
On the mainframe, System SSL and ICSF do not allow the use of this OID
to identify the sha1withRSAEncryption algorithm although other SSL
applications, like OpenSSL, do allow you to verify signatures that use
the OID.
If you use such a certificate with System SSL, your connections will not
work and it can be difficult to determine why they do not work.
Because of this these problems, we will allow a certificate with the
OID in the signature to be inserted into ACF2, but we will also issue the
ACF6D082 Unsupported signature algorithm - adding certificate with NOTRUST
status
message and the certificate will be set to NOTRUST.
The MAKECERT utility, a test tool from MICROSOFT, does create certificates
that use this OID in its signature algorithm at this time.
SYMPTOMS:
Inability to use certificate to make SSL connections using System SSL.
IMPACT:
Difficulties in establishing an SSL environment with products using
System SSL.
CIRCUMVENTION:
Do not use certificates that the 1.3.14.3.2.29 to identify the signature
algorithm in your certificates.
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9424
Copyright (C) 2013 CA. All rights reserved. R00839-ACF150-SP1
DESC(MOVE CERTIFICATE TABLE TO 64-BIT COMMON STORAGE) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO19393 RO20618 RO21293 RO25852 RO32871 RO33178
RO35100 RO37060 RO38900 RO42623 RO54826 )
SUP ( TR17182 TR17451 TR18985 TR19541 TR17251 TR17987
TR20643 TR20658 TR17165 TR21202 TR21785 RO21785 TR21902
TR28266 RO21202 TR30798 TR16952 TR17909 TR34214 TR34534
TR37061 RO21902 TR37216 RO28266 TR38630 TR38401 TR38625
TR40539 RO37216 TR38108 TR40447 TR40678 TR42299 TR43941
RO30798 TR48485 TR50682 TR50226 TR50929 TR51352 AR50929
RO50929 TR54340 TR54342 RO18985 RO19541 RO20643 RO20658
RO34214 RO34534 RO37061 RO38630 RO40539 RO40678 RO43941
CA ACF2 15.0 32
CA RS 1306 - PTF RO54831 Details
Release Service DetailsRO48485 RO50682 RO51352 RO54342 TR25011 TR51376 TR51504
TR51992 TR52066 TR52925 TR53416 TR54359 TR54831 )
++HOLD (RO54831) SYSTEM FMID(CAX1F00)
REASON (IPL ) DATE (13105)
COMMENT (
Product: CA-ACF2-MVS Release: 15.0
Sequence: After Apply
Purpose: Activate change
Relevance: All users
Knowledge required: Operator commands
Access required: z/OS Operator console
Steps to Perform:
1. IPL CLPA
).
CA ACF2 15.0 33
CA RS 1306 - PTF RO54833 DetailsCA ACF2 15.0 33
CA RS 1306 - PTF RO54833 Details
Release Service Details15.0 RO54833 RO54833 M.C.S. ENTRIES = ++PTF (RO54833)
ALLOW CANCELLED/SUSPENDED LOGONID TO BE USED IN EXTRACT
PROBLEM DESCRIPTION:
New GSO OPTS setting called CSLIDEXT that allows use of a
Logonid with the CANCEL or SUSPEND field set to be used during
RACROUTE EXTRACT processing.
CSLIDEXT|NOCSLIDEXT
Specifies whether or not Logonids that are marked CANCEL or
SUSPEND will be allowed to be used during RACROUTE EXTRACT
processing. The default is NOCSLIDEXT.
SYMPTOMS:
None
IMPACT:
When CSLIDEXT is set, Logonids with the CANCEL or SUSPEND field
set will be used during RACROUTE EXTRACT processing with no
error messages. The default value is NOCSLIDEXT.
CIRCUMVENTION:
None
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9404
Copyright (C) 2013 CA. All rights reserved. R00840-ACF150-SP1
DESC(ALLOW CANCELLED/SUSPENDED LOGONID TO BE USED IN EXTRACT) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO20461 RO36462 RO36896 RO41317 RO46590 RO54825 )
SUP ( TR17283 TR17308 TR20945 RO20945 TR26131 TR27614
TR27615 RO26131 TR33002 TR33050 TR33080 RO33080 TR34727
TR37808 TR41922 TR42041 RO34727 RO37808 RO42041 TR47622
RO47622 TR48295 TR50552 RO48295 TR51345 RO27615 RO50552
RO51345 RO25919 TR25919 TR51467 TR51505 TR52926 TR54833 )
++HOLD (RO54833) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13136)
COMMENT (
Product: CA-ACF2-MVS Release: 15.0
Sequence: After Apply
Purpose: Activate change without IPL
Relevance: All users
Knowledge required: Operator commands
Access required: z/OS Operator console
Steps to Perform:
1. LLA Refresh
2. F ACF2,NEWMOD(ACF00SVA)
3. F ACF2,NEWMOD(ACF9C000)
NOTE:
New GSO OPTS setting called CSLIDEXT that allows use of a
Logonid with the CANCEL or SUSPEND field set to be used during
RACROUTE EXTRACT processing.
CSLIDEXT|NOCSLIDEXT
Specifies whether or not Logonids that are marked CANCEL or
SUSPEND will be allowed to be used during RACROUTE EXTRACT
processing. The default is NOCSLIDEXT.
).
CA ACF2 15.0 34
CA RS 1306 - PTF RO54836 DetailsCA ACF2 15.0 34
CA RS 1306 - PTF RO54836 Details
Release Service Details15.0 RO54836 RO54836 M.C.S. ENTRIES = ++PTF (RO54836)
LINKLST - ALLOW MASKING IN DATA SET NAMES
PROBLEM DESCRIPTION:
Add ability to specify masked data set names in the LIBRARY field of
the infostorage GSO LINKLST record.
SYMPTOMS:
Not Applicable
IMPACT:
Not Applicable
CIRCUMVENTION:
Not applicable
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9420
Copyright (C) 2013 CA. All rights reserved. R00842-ACF150-SP1
DESC(LINKLST - ALLOW MASKING IN DATA SET NAMES) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO20617 RO27471 RO30324 RO33981 RO36462 RO36896
RO41317 RO52747 RO54825 RO54829 RO54831 RO54833 )
SUP ( RO25919 TR25919 TR52547 TR52751 TR52929 TR54581
TR54836 TR54838 )
++HOLD (RO54836) SYSTEM FMID(CAX1F00)
REASON (IPL ) DATE (13142)
COMMENT (
Product: CA-ACF2-MVS Release: 15.0
Sequence: After Apply
Purpose: Activate change
Relevance: All users
Knowledge required: Operator commands
Access required: z/OS Operator console
Steps to Perform:
1. IPL CLPA
).
CA ACF2 15.0 35
CA RS 1306 - PTF RO54882 DetailsCA ACF2 15.0 35
CA RS 1306 - PTF RO54882 Details
Release Service Details15.0 RO54882 RO54882 M.C.S. ENTRIES = ++PTF (RO54882)
STARTING STATS AFTER STATG IS ACTIVE GETS 0C1
PROBLEM DESCRIPTION:
There is the possibility of getting an 0C1 abend in SAFFFQIO
when turning on the GSO OPTS STATS option. The abend will happen
if the GSO CHORUS record already has STATG active and the task
is up and active. Meaning you have seen the ACF79767 STATG GATHERING
FOR CHORUS INITIALIZED message on the console. The abend will happen
after the task has been started with 'F ACF2,STATS(START)' and
the time interval specified in the GSO OPTS STATSINT field has elapsed.
The site would also need to have the GSO OPTS STATSLOG sent to a dataset.
SYMPTOMS:
The following message appears:
CCSR010E ACF79STS S0C1 at 00000002 LMOD N/A CSECT N/A +N/A ACF2 N/A ACF2
IMPACT:
CA ACF2 for z/OS Statistical Gathering does not work.
CIRCUMVENTION:
If both CHORUS STATG and the OPTS STATS are on, just restart
ACF2. As long as both are already on before ACF2 is started, there
is no problem.
PRODUCT(S) AFFECTED: CA-ACF2-MVS Release 15.0
Star Problem(s):
ACF2MS 9485
Copyright (C) 2013 CA. All rights reserved. R00846-ACF150-SP1
DESC(STARTING STATS AFTER STATG IS ACTIVE GETS 0C1) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO36462 RO48337 RO49252 )
SUP ( BR36462 TR37709 RO37709 TR49218 TR54882 )
++HOLD (RO54882) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13038)
COMMENT (
SMP APPLY, LLA refresh, 'F ACF2,STATS(STOP)', and
'F ACF2,STATS(START)' required to install this apar.
).
CA ACF2 15.0 36
CA RS 1306 - PTF RO56371 DetailsCA ACF2 15.0 36
CA RS 1306 - PTF RO56371 Details
Release Service Details15.0 RO56371 RO56371 M.C.S. ENTRIES = ++PTF (RO56371)
NEWCOPY FAILS FOR SUFFIXED PGMS AFTER ACFE=NEWC=CAKSLMT
PROBLEM DESCRIPTION:
If the ACFE transaction is used to NEWCOPY module CAKSLMT
(the Load Module Table), its current release-dependent
suffix definitions will be lost, resulting in the inability
to NEWCOPY the following modules, which became release-
dependent at CICS/TS 4.1:
CAKSMSGH/CAKSMS##
CAKSSIGN/CAKSSN##
CAKSTRPX/CAKSTR##
This PTF will prevent the Load Module Table from being NEWCOPYed.
SYMPTOMS:
Response from: ACFE=NEWC=mmmmmmmm
is: Module refresh unsuccessful - mmmmmmmm.
IMPACT:
Unknown, as the ACFE=NEWC function should only be done when
requested by support or post-maintenance installation
as directed in ++HOLD data.
CIRCUMVENTION:
Restart the CICS region.
PRODUCTS AFFECTED:
CICS/TS Interface for CA ACF2 FOR Z/OS Release 14.0
CICS/TS Interface for CA ACF2 FOR Z/OS Release 15.0
Star Problem(s):
ACF2MS 9487
Copyright (C) 2013 CA. All rights reserved. R00875-ACF150-SP1
DESC(NEWCOPY FAILS FOR SUFFIXED PGMS AFTER ACFE=NEWC=CAKSLMT) .
++VER (Z038)
FMID (CAX1F03)
PRE ( RO32495 RO33256 RO53745 )
SUP ( TR54980 TR56316 TR56371 )
++HOLD (RO56371) SYSTEM FMID(CAX1F03)
REASON (DYNACT ) DATE (13078)
COMMENT (
Product: CA-ACF2-MVS CICS Release: 15.0
Sequence: After PTF installation.
Purpose: Put new code into place.
Relevance: Correct ACFE=NEWC issues
Knowledge required: SMP/E
Access required: Product libraries
CICS region access
CICS CEMT transaction
Steps to Perform: 1. SMP APPLY the PTF
2. Issue CICS transaction:
CEMT SET PROG(CAKSNEWC) NEWC
).
CA ACF2 15.0 37
CA RS 1306 - PTF RO58015 DetailsCA ACF2 15.0 37
CA RS 1306 - PTF RO58015 Details
Release Service Details15.0 RO58015 RO58015 M.C.S. ENTRIES = ++PTF (RO58015)
ADD VSAMFAIL CONTROL OPTION
PROBLEM DESCRIPTION:
PTF RO55085 removed the incorrect bypass for the validation of a
VSAM OPEN if attribute TCBFSM is set in the current TCB. TCBFSM
will get set only if the task was attached with the SM=SUPV
parameter which says that the attached task should get control in
supervisor state. Since the removal of the incorrect check for
TCBFSM could result in an unexpected violation, a new control option
of VSAMFAIL in the GSO RULEOPTS record is being introduced for
migration purposes. VSAM OPEN requests issued without TCBFSM being
set are not affected and will continue to be validated as before.
The GSO RULEOPTS will default to NOVSAMFAIL. With NOVSAMFAIL set a
validation that was previously ignored due to TCBFSM will now be
validated. If the validation fails the violation will be treated
as a WARN mode failure. The WARN mode processing will generate
the ACF99913 violation messaqe, cut an VIO/WARN SMF record and
generate a message with the content of the GSO WARN data. The
final disposition will be an allow return code.
Once all the necessary ACF2 permissions are in place the site
should change the GSO RULEOPTS value to VSAMFAIL and issue a
'F ACF2,REFRESH(RULEOPTS)' to start enforcing the previously
allowed VSAM OPEN requests.
Warning message ACF79410 will be issued during ACF2 startup or
during a GSO refresh of RULEOPTS if NOVSAMFAIL is in effect.
SYMPTOMS:
Address space fails VSAM OPEN if TCBFSM is set and no permission
exists.
IMPACT:
The OPEN request fails with an S913 abend.
CIRCUMVENTION:
Create a dataset rule allowing access to the VSAM dataset.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 9513
Copyright (C) 2013 CA. All rights reserved. R00896-ACF150-SP1
DESC(ADD VSAMFAIL CONTROL OPTION) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO36462 RO36896 RO41317 RO54825 RO54833 RO54836
RO55085 )
SUP ( AR55085 RO25919 TR25919 TR58015 )
++HOLD (RO58015) SYSTEM FMID(CAX1F00)
REASON (IPL ) DATE (13142)
COMMENT (
Product: CA ACF2 Release: 15.0
Sequence:
After the APPLY.
Purpose:
ADD VSAMFAIL CONTROL OPTION
Relevance:
None.
Knowledge required:
z/OS Systems Programming
Access required:
Security access to ACF2 loadlib.
Steps to Perform:
1. SMP APPLY the fix.
2. IPL with CLPA.
).
CA ACF2 15.0 38
CA RS 1306 - PTF RO58369 DetailsCA ACF2 15.0 38
CA RS 1306 - PTF RO58369 Details
Release Service Details15.0 RO58369 RO58369 M.C.S. ENTRIES = ++PTF (RO58369)
LOGONID DB CHANGED RESOURCE PRE/POST EXIT WITH RO45722
PROBLEM DESCRIPTION:
PTF RO45722 introduced a new resource validation call to control
the incrementing of the password violation counter at signon time.
An error, limited to this specific resource validation call, has
been identified involving the ACF2PVIO resource call and the use
of the ACF2 resource PRE and POST exits. The LIDREC pointed to by
ACULRECP of the ACUCB passed to the exits in field ACGXUCB of the
ACGXITP exit parameter list points to the ACF2 I/O buffer version
of the LIDREC. This can result in LIDREC modifications made
during the ACF2 resource PRE and POST exit processing being
written to the ACF2 LOGONIDS database.
Note: No other resource validations are affected.
SYMPTOMS:
Changes made to LIDREC associated with the ACUCB passed to the
resource pre or post exit get written to the ACF2 LOGONIDS
database.
IMPACT:
Temporary LIDREC change becomes permanent.
CIRCUMVENTION:
Don't update LIDREC buffer from resource pre or post exit
for class of ACF2PVIO.
PRODUCT(S) AFFECTED: CA ACF2
Star Problem(s):
ACF2MS 9521
Copyright (C) 2013 CA. All rights reserved. R00905-ACF150-SP1
DESC(LOGONID DB CHANGED RESOURCE PRE/POST EXIT WITH RO45722) .
++VER (Z038)
FMID (CAX1F00)
PRE ( RO45722 )
SUP ( TR17095 TR27787 RO27787 TR36141 TR38461 RO36141
RO38461 AR45722 TR58369 )
++HOLD (RO58369) SYSTEM FMID(CAX1F00)
REASON (ACTION ) DATE (13129)
COMMENT (
Product: CA ACF2 Release: 15.0
Sequence:
After the APPLY.
Purpose:
LOGONID DB CHANGED RESOURCE PRE/POST EXIT WITH RO45722
Relevance:
None.
Knowledge required:
z/OS Systems Programming
Access required:
Security access to ACF2 loadlib.
Steps to Perform:
1. SMP APPLY the fix.
2. Perform an LLA REFRESH.
3. Issue command 'F ACF2,NEWMOD(ACF00SVA)'
).
CA ACF2 14.0 39
CA RS 1306 - PTF RO54091 DetailsCA ACF2 14.0 39
CA RS 1306 - PTF RO54091 Details
Release Service Details14.0 RO54091 RO54091 M.C.S. ENTRIES = ++PTF(RO54091) /* CA ACF2 RELEASE 14.0
PROBLEM DESCRIPTION:
Attempts to INSERT certificates from PKCS#12 packages may
erroneously fail with error message ACF00178. The error is
caused because storage management in program ACSV3CER fails
to clear storage obtained for certificate processing. This
problem has not been reported by client sites but is likely
when the IGVINITGETMAIN (dirty GETMAIN) diagnostic trap is
enabled.
SYMPTOMS:
ACF00178 INVALID CERTIFICATE DATA - FORMAT
ACF00178 INVALID CERTIFICATE DATA - NO DATA
IMPACT:
Digital certificate cannot be inserted from a PKCS#12 package
CIRCUMVENTION:
If the IGVINITGETMAIN (dirty GETMAIN) diagnostic trap is enabled
turn the trap off and issue the INSERT subcommand again.
*/
DESC(ACF00178 ON CERT INSERT FROM PKCS#12) .
++VER(Z038) FMID(CX1E000) /* CA ACF2 r14 */
PRE(RO47494 /* TA9299B REQUIRED APAR */
)
SUP(TA9414B) . /* Original Test APAR */
++HOLD(RO54091) FMID(CX1E000) SYSTEM REASON(ACTION)
COMMENT(SMP APPLY, LLA refresh, and 'F ACF2,NEWMOD(ACF00SVA)'
required to install this apar.
).
CA ACF2 14.0 40
CA RS 1306 - PTF RO54453 DetailsCA ACF2 14.0 40
CA RS 1306 - PTF RO54453 Details
Release Service Details14.0 RO54453 RO54453 M.C.S. ENTRIES = ++PTF(RO54453) /* CA ACF2 RELEASE 14.0
PROBLEM DESCRIPTION:
When a KEYSMSTR SSIGNON record is INSERT'ed the INSERT fails if the
the IGVINITFREEMAIN diagnostic trap is enabled. In theory the INSERT
could also happen without IGVINITFREEMAIN being enabled.
SYMPTOMS:
The INSERT fails with no error message or possibly error message:
ACF00079 MUST BE GREATER THAN
IMPACT:
KEYSMSTR SSIGNON record cannot be inserted
CIRCUMVENTION:
If the IGVINITFREEMAIN (dirty FREEMAIN) diagnostic trap is enabled
turn the trap off and issue the INSERT subcommand again.
*/
DESC(INSERT KEYSMSTR SSIGNON FAILS) .
++VER(Z038) FMID(CX1E000) /* CA ACF2 r14 */
SUP(TA9419B) . /* Original Test APAR */
++HOLD(RO54453) FMID(CX1E000) SYSTEM REASON(ACTION)
COMMENT(SMP APPLY, LLA refresh, and 'F ACF2,NEWMOD(ACF00SVA)'
required to install this apar.
).
CA ACF2 14.0 41
CA RS 1306 - PTF RO55633 DetailsCA ACF2 14.0 41
CA RS 1306 - PTF RO55633 Details
Release Service Details14.0 RO55633 RO55633 M.C.S. ENTRIES = ++PTF(RO55633) /* CA ACF2 RELEASE 14.0
PROBLEM DESCRIPTION:
Prior to release 6.5 of ACF2 we provided a sampjcl DEFINE job and
RECOVER job to have a SHAREOPTIONS(2,4). VSAM has always ignored this
and actually set it to SHAREOPTIONS(1,3) because ACF2 runs with
DISP=OLD. So in 6.5, to try and avoid questions and concerns
the DEFINE job was updated to have SHAREOPTIONS(1,3). For some reason
the RECOVER job was never updated with this change.
SYMPTOMS:
None
IMPACT:
None
CIRCUMVENTION:
Manually change either the DEFINE or RECOVER job to be SHAREOPTION 1,3
*/
DESC(RECOVER SAMPJCL JOB HAS SHAREOPTIONS 2 4) .
++VER(Z038) FMID(CX1E000) /* CA ACF2 r14 */
SUP(TA9333B) . /* Original Test APAR */
++HOLD(RO55633) FMID(CX1E000) SYSTEM REASON(ACTION)
COMMENT(
SMP APPLY REQUIRED TO INSTALL THIS FIX.
).
CA ACF2 14.0 42
CA RS 1306 - PTF RO55651 DetailsCA ACF2 14.0 42
CA RS 1306 - PTF RO55651 Details
Release Service Details14.0 RO55651 RO55651 M.C.S. ENTRIES = ++PTF(RO55651) /* CA ACF2 r14 for CICS
TC9270M
TC9270M
TC9270M
PROBLEM DESCRIPTION: TC9270M
Product updates are required to support the new release of CICS TS 5.1. TC9270M
TC9270M
In addition to recognizing the new release, TC9270M
The following new Category 1 transaction codes are recognized: TC9270M
CISP, CIS1, CJSL, CRST TC9270M
TC9270M
SYMPTOMS: TC9270M
Message "ACFAE046 Security Initialization Error" displays at startup. TC9270M
TC9270M
IMPACT: TC9270M
You are Unable to use ACF2 CICS with CICS TS 5.1. TC9270M
TC9270M
CIRCUMVENTION: TC9270M
none. TC9270M
TC9270M
*/ TC9270M
DESC(SUPPORT CICS TS (CTS) REL 5.1 FOR Z/OS ) . TC9270M
++VER(Z038) FMID(CX1E052) /* CA ACF2 r14 for CICS */ TC9270M
PRE(RO29060 /* TC9072M REQUIRED APAR */ TC9270M
RO29054 /* TC8861M REQUIRED APAR */
RO32234 /* TC8848M REQUIRED APAR */ TC9270M
RO34921 /* TC9187M REQUIRED APAR */ TC9270M
RO42820 /* TC9296M REQUIRED APAR */ TC9270M
RO44883 /* TC9315M REQUIRED APAR */ TC9270M
) TC9270M
SUP(TC9270M) . /* Original Test APAR */ TC9270M
++HOLD(RO55651) FMID(CX1E052) SYSTEM REASON(ACTION) TC9270M
COMMENT( TC9270M
SMP APPLY and LLA REFRESH if applicable TC9270M
required to install this APAR. TC9270M
TC9270M
In addition, the following ENF SYSMODs are required: TC9270M
TC9270M
Release 14.0: APAR <RO52036, RO54279> TC9270M
TC9270M
Release 14.1: APAR <RO53837, RO54378> TC9270M
) . TC9270M
CA ACF2 14.0 43
CA RS 1306 - PTF RO55873 DetailsCA ACF2 14.0 43
CA RS 1306 - PTF RO55873 Details
Release Service Details14.0 RO55873 RO55873 M.C.S. ENTRIES = ++PTF(RO55873) /* CA ACF2 r14 for CICS
TCppppM
TCppppM
PROBLEM DESCRIPTION: TCppppM
In a CTS region running CA ACF2 for z/OS CICS option, under rare TCppppM
circumstances which have not been fully identified the statistical TCppppM
count of active signons may occasionally be set to the maximum positive TCppppM
number. This may be the result of a storage overlay by a transaction TCppppM
running within the CTS region. In any case, if the count is set to TCppppM
the maximum negative number and another signon occurs, an arithmetic TCppppM
overlay occurs when CAKSSIGN attempts to add one to the count of active TCppppM
signons. TCppppM
TCppppM
The fixes for this problem will prevent the arithmetic overlay and will TCppppM
reset the active signon count to 1 if it is found to be negative during TCppppM
an attempted increment, or to 0 if it is found to be negative during TCppppM
an attempted decrement. TCppppM
TCppppM
SYMPTOMS: TCppppM
If this problem occurs, messages similar to the following may appear TCppppM
on the system console: TCppppM
TCppppM
ACFAE723 ACF2/CICS Abend in module CAKSSIGN AT OFFSET nnnn TCppppM
TCppppM
Alternatively, the active signon count displaced by ACFM SD G may TCppppM
be extremely large. TCppppM
IMPACT: TCppppM
If an abend occurs, the current signon is aborted If the signon is
the result of a CESN or an ACF2/CICS API signon call, the task may
hang. The requested signon does not occur in any case, and
additional tasks run from the current terminal will run under the
ACF2/CICS terminal default ID.
CIRCUMVENTION:
None.
*/ TCppppM
DESC(ENTER MEANINGFUL TITLE LIMIT 42 CHARACTERS) . TCppppM
++VER(Z038) FMID(CX1E052) /* CA ACF2 r14 for CICS */ TCppppM
PRE(RO44880 /* TC9330M REQUIRED APAR */ TCppppM
RO32234 /* TC8848M REQUIRED APAR */
RO29054 /* TC8661M REQUIRED APAR */
) TCppppM
TCppppM
SUP(TC9440M) . /* Original Test APAR */ TCppppM
++HOLD(RO55873) FMID(CX1E052) SYSTEM REASON(ACTION) TCppppM
COMMENT(SMP APPLY, LLA REFRESH if applicable TCppppM
and restart of CICS TCppppM
required to install this APAR. TCppppM
). TCppppM
CA ACF2 14.0 44
CA RS 1306 - PTF RO55874 DetailsCA ACF2 14.0 44
CA RS 1306 - PTF RO55874 Details
Release Service Details14.0 RO55874 RO55874 M.C.S. ENTRIES = ++PTF(RO55874) /* CA ACF2 r14 for CICS
TCppppM
TCppppM
PROBLEM DESCRIPTION: TCppppM
If you try to signon to a CICS system protected by ACF2/CICS and the TCppppM
logonid you use does not have the CICS authorization bit for for that TCppppM
region, your signon will fail. If you are signing on from a terminal, TCppppM
you will receive error message ACFAE134 but the fact of the signon TCppppM
failure will not be recorded anywhere else. No message is written to TCppppM
either the ACFLOG file or to the CTS region's job log, and no SMF recordTCppppM
indicating the signon failure is created. TCppppM
TCppppM
The ACFAE134 message is not suitable for display in the ACFLOG file or TCppppM
the region's job log, since it does not identify the logonid whose TCppppM
signon failed or the source from which the signon request came. TCppppM
TCppppM
The signon process must be altered to at least issue a new message TCppppM
identifying the logonid whose signon failed and the source from which TCppppM
the request came. TCppppM
TCppppM
SYMPTOMS: TCppppM
If you attempt to sign on to a CTS region using a logonid which does TCppppM
not have authorization for that reason, you will receive the following TCppppM
message at your terminal: TCppppM
TCppppM
ACFAE134 You are not authorized to use this CICS region TCppppM
TCppppM
IMPACT:
If the signon came from a terminal, you will receive the message and
be able to notify your security administrator. However, if the signon
came from a non-terminal source or one which is incapable of receiving
error messages, it may not be obvious that the signon failed or why.
CIRCUMVENTION:
None.
*/ TCppppM
DESC(New msg ACFAE174 if user lacks CICS bit) . TCppppM
++VER(Z038) FMID(CX1E052) /* CA ACF2 r14 for CICS */ TCppppM
PRE(RO23724 /* TC8790M REQUIRED APAR */ TCppppM
RO29054 /* TC8861M REQUIRED APAR */ TCppppM
RO32234 /* TC9440M REQUIRED APAR */ TCppppM
RO55873 /* TC9440M REQUIRED APAR */ TCppppM
) TCppppM
TCppppM
SUP(TC9450M) . /* Original Test APAR */ TCppppM
++HOLD(RO55874) FMID(CX1E052) SYSTEM REASON(ACTION) TCppppM
COMMENT( TCppppM
SMP APPLY, LLA REFRESH if applicable TCppppM
and restart of CICS TCppppM
required to install this APAR. TCppppM
). TCppppM
CA ACF2 14.0 45
CA RS 1306 - PTF RO56112 DetailsCA ACF2 14.0 45
CA RS 1306 - PTF RO56112 Details
Release Service Details14.0 RO56112 RO56112 M.C.S. ENTRIES = ++PTF(RO56112) /* CA ACF2 RELEASE 14.0
PROBLEM DESCRIPTION:
The ACF2 support for the RACF Environment Service (IRRENS00)
does not handle the BPX.DAEMON.HFSCTL FACILITY properly. The
environment service program control is incorrectly being
enforced for programs loaded from MVS libraries. It should
only be enforced for Unix files when BPX.DAEMON.HFSCTL FACILITY
access has been set up.
SYMPTOMS:
ACFFF601 ENVIRONMENT IS CONTROLLED - MARK UNCONTROLLED REQUEST REJECTED
IMPACT:
If a daemon with BPX.DAEMON.HFSCTL authorization loads a
program from an uncontrolled MVS library an erroneous
"mark uncontrolled" call is made to IRRENS00.
CIRCUMVENTION:
None
*/
DESC(ENV SERVICE IGNORES BPX.DAEMON.HFSCTL) .
++VER(Z038) FMID(CX1E000) /* CA ACF2 r14 */
SUP(TA9428B) . /* Original Test APAR */
++HOLD(RO56112) FMID(CX1E000) SYSTEM REASON(ACTION)
COMMENT(SMP APPLY and IPL with CLPA required to install this APAR.
).