PERFORM SECURITY REBUILD

Refresh security information.

Syntax

Warning: System commands are powerful as they provide information about the state of the system and allow changes to be made to it. System commands should be used only by authorized applications and users.

Activate security checks on commands by specifying the XCMD system initialization parameter and by ensuring that command security checking is active for the transaction (either by specifying CMDSEC(YES) on the TRANSACTION resource definition or by specifying ALWAYS on the CMDSEC system initialization parameter).

PERFORM SECURITY REBUILD

Read syntax diagramSkip visual syntax diagramPERFORM SECURITY REBUILDESMRESP(data-area)

Conditions: INVREQ, IOERR, NORMAL, NOTAUTH, SYSBUSY

NOHANDLE, RESP, and RESP2 are common options that can be added to all EXEC CICS commands to process error conditions. They are not explicitly included in the command syntax diagram and option descriptions. For information about these common options and EXEC CICS command syntax, see EXEC CICS command format and programming considerations.

This command is threadsafe.

Description

The PERFORM SECURITY REBUILD command is a request for CICS® security information to be refreshed from its external security manager (ESM) source, so that it reflects any updates made since the information was last retrieved.

This command is not required by users whose ESM is RACF®, because the refresh process is automatic.

If your CICS uses another ESM, the effect of this command depends on the particular ESM.

Options

ESMRESP(data-area)
returns a fullword binary field giving the response code from the external security manager. This value is also returned in the RESP2 field of the response code. If an exception condition prevents CICS from invoking the ESM, the ESMRESP value is left unchanged.

Conditions

INVREQ
RESP2 values:
1
No ESM is installed, or the ESM is inactive.
5
The ESM is temporarily inactive and cannot perform the action requested.
IOERR
RESP2 values:
2
Error returned from ESM. The return code is in ESMRESP, if the option was used.
NORMAL
RESP2 values:
0
The ESM is not RACF. The command completed successfully. See ESMRESP for details.
4
The ESM is RACF. The command is ignored.
NOTAUTH
RESP2 values:
100
The user associated with the issuing task is not authorized to use this command.
SYSBUSY
RESP2 values:
3
A security rebuild is currently in progress.