DFS2166 EXTENDED SECURITY VIOLATION FOR MSC LINK [I: sss/name, D: sss/name,U:name]
Explanation
While an MSC link was receiving an input message destined to a transaction, a security check to determine if the input message was allowed for the transaction destination failed. The failure occurred due to an authorization check made by RACF® or by the user exit DFSCTRN0.
- name following D: is the transaction destination of the message. name following I: is the input system LTERM name.
- sss following I: is the SYSID of the input system. sss following D: is the SYSID of the processing system.
- name following U: is the USERID that failed the authorization check. The CTL region ID will not be displayed if it is used for the authorization check.
System action
IMS logs the message in error, using record type 64, and removes the message from the system.
System programmer response
Correct the erroneous security error. Check the MSCSEC= parameter in the DFSDCxxx PROCLIB member of the remote system. Also, check that the link receive logic of the user exit DFSMSCE0 of the remote system determines the type of security check that was made. Using the information from the X'64F1' and X'64F2' log records and the DFS2166 error message determine why the security authorization check failed.
| RC | Label | Description |
|---|---|---|
| 4 | CAUTRMSC | RACF failure
occurred; it was unable to obtain the ACEE for MSNAME. CLBTEMP3 = RACF RC |
| 8 | RACFERR | RACROUTE failure. CLBTEMP3 = RACF RC. |
| C | CAUT044 | TRANAUTH was specified, but RACF was not defined. |
| 10 | TESTE010 | An error was returned from DFSCRTN0. CLBTEMP3 = DFSCTRN0 RC. |
| 14 | GETRACWE | The GETRACW routine was unable to obtain storage. CLBTEMP3 = BCB RC. |
| 18 | CAUTRINT | The CAUTRINT routine was unable to obtain storage. CLBTEMP3 = BCB RC. |