Explanation
An error was detected by RACF® in the parameters passed to RACF for RACROUTE REQUEST=AUTH processing.
System action
Programmer response
Register 15 contains a hexadecimal reason
code (message ICH409I, if issued, also contains this reason code):
- Code
- Explanation
- 04
- Parameter list length not valid.
- 10
- APF authorization, or system key 0-7, or supervisor state required
for CSA, LOG, PRIVATE, PROFILE, ACEE, UTOKEN, USERID, or GROUPID option.
- 14
- ATTR option not valid.
- 18
- Volume serial required but not supplied.
- 1C
- Inconsistent PROFILE/ENTITY flag settings.
- 20
- No resource name or PROFILE specified.
- 24
- No CLASS name specified.
- 2C
- Incorrect LOG option specified. (This code is used only through RACF Version 1.4.)
- 30
- Volume serial specified for class other than DATASET.
- 34
- File sequence number not valid.
- 38
- File sequence number specified for non-tape data set.
- 3C
- Tape label parameter specified for non-tape data set.
- 40
- Tape label option not valid.
- 44
- Erase-on-scratch request not valid.
- 48
- USERID = * was specified on the REQUEST=AUTH. * is an unacceptable RACF user ID.
- 4C
- For the ENTITYX keyword, both the entity name length and the buffer
length are zero.
- 50
- Buffer length is not valid:
- Less than zero
- Greater than 255
- Not zero but less than the entity name length.
- 54
- Entity name length is not valid:
- Less than zero
- Greater than 44 if CLASS=DATASET, or greater than the length for
that class as defined in the class-descriptor table
- Greater than 44 if CLASS=DATASET, or greater than the maximum
length for that class as defined in the class-descriptor table.
- 58
- The in-storage profile provided to the REQUEST=AUTH was not at
the version required by RACF.
Ensure that the version of the in-storage profile (addressed by the
ENTITY parameter with CSA specified) is at the required version number.
- 5C
- The entity name contains a blank.
If the ENTITYX keyword is
specified and the entity name length is given, the name has a blank
in the beginning, in the middle, or at the end.
- 60
- RTOKEN keyword is mutually exclusive with the CSA and PRIVATE
parameters of the ENTITY keyword.
- 64
- ACEE not valid.
- 68
- Unauthorized caller specified subpool greater than 127 on RACROUTE
MSGSP parameter.
- 6C
- The message chain pointed to by SAFPMSAD for an unauthorized caller
contains too many elements, indicating a chaining problem.
Identify and correct the indicated error.
Problem determination
Use the reason code in Register 15 to
identify the error. If the issuer of the RACF macro is a user routine (such as an installation
exit), correct the parameter list specified for the RACF macro in the installation exit. If the
issuer of the RACF macro is
an IBM® routine, see z/OS Security Server RACF Diagnosis Guide for
more information about diagnosing abends and reporting abend problems
to IBM.
Note: For
batch jobs, if you need to do dump analysis but do not have a dump,
run the job again. For batch jobs using DSMON, a RACF command, or the RACF report writer, specify a SYSABEND DD statement
in the job. This ensures that a dump is taken.