AII0120E RACROUTE REQUEST=VERIFY, ENVIR=`action` ended with RC=`saf_rc` Security system RC=X'`sec_rc`' Reason=X'`sec_rsn`'. Additional messages might be available in JOBLOG for JOB `job_name` (`job_number`) on system `smf_id`.

Explanation
Distributed Access Infrastructure could not authenticate the client. This condition can occur
when the client is logging on to Distributed Access Infrastructure or when the client is attempting
to access a resource on z/OS®. 
This error can be caused by the
following conditions:
The client specifies a user ID that is not defined to the security
system.

The client specifies the incorrect password for the user ID.

                    Mixed-case password is translated to uppercase because
                        NoMixedCase is set for the Password parameter in the Distributed Access
                        Infrastructure server configuration.

The SecurityGroup parameter is specified in the Distributed Access Infrastructure server
configuration, but the group is not defined to the security system.

The SecurityGroup parameter is specified in the Distributed Access Infrastructure server
configuration, but the user ID is not connected to this group.

The SecurityAppl parameter is specified in the Distributed Access Infrastructure server
configuration, and the specified application name is defined the APPL CLASS of the security system.
However, the user ID does not have READ access to the APPL CLASS profile of the application.

This message provides the following information:

action

The action is CREATE when Distributed Access Infrastructure is attempting to verify access of
the client. The action is DELETE when Distributed Access Infrastructure detects an error while
Distributed Access Infrastructure is cleaning up after processing.

saf_rc

The return code from the SAF RACROUTE VERIFY request.

sec_rc

The return code from the underlying security function (RACINIT).

sec_rsn

The reason code from the underlying security function (RACINIT).

job_name

The job name of the Distributed Access Infrastructure server.

job_number

The job number of the Distributed Access Infrastructure server.

smf_id

The SMF ID of the system on which the server is running.

System action
If this condition occurs while the user is attempting to log on, Distributed Access
Infrastructure denies the logon request. If this condition occurs while attempting to access a z/OS resource, Distributed Access Infrastructure denies access to
the resource. In all cases, an error is returned to the client.

User response
See the return and reason codes, which are documented in the security systems RACROUTE reference
    manual. For example, for RACF®, these codes are found in
    the topic "RACROUTE REQUEST=VERIFY" in z/OS Security Server
                    RACROUTE Macro Reference (SA23-2294).

AII0120E RACROUTE REQUEST=VERIFY, ENVIR=action ended with RC=saf_rc Security system RC=X'sec_rc' Reason=X'sec_rsn'. Additional messages might be available in JOBLOG for JOB job_name (job_number) on system smf_id.

Explanation

System action

User response

AII0120E RACROUTE REQUEST=VERIFY, ENVIR=`action` ended with RC=`saf_rc` Security system RC=X'`sec_rc`' Reason=X'`sec_rsn`'. Additional messages might be available in JOBLOG for JOB `job_name` (`job_number`) on system `smf_id`.