IBM Support

OA49347: RACF OFFLINE INTERACTS WITH RACF RRSF, WHEN RACDCERT AND RACMAP COMMANDS ARE EXECUTED.

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • In an RRSF environment where application updates are
    propagated, RACDCERT and RACMAP commands executed on a
    RACF-Offline database can result in propagation of certain
    updates to other systems.
    

Local fix

  • Do not use RACDCERT, nor RACMAP from within RACF Offline.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure RACF Offline processing     *
    *                 digital certificates on systems with active  *
    *                 RRSF connections.                            *
    ****************************************************************
    * PROBLEM DESCRIPTION: zSecure RACF Offline propagates digital *
    *                      certificate profile updates to the      *
    *                      remote nodes in a RRSF network.         *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided.                      *
    ****************************************************************
    When digital certificate profiles in the offline RACF database
    are processed with zSecure RACF Offline on systems with
    active RRSF connections, the RACF commands are propagated to the
    other RRSF nodes while they should not.
    

Problem conclusion

  • zSecure RACF Offline has been modified so that the commands
    processing the digital certificate profiles are not propagated
    to the other nodes in a RRSF network. Please note the
    documentation changes as specified in the APAR tracking comment
    data.
    1DFY
    1DGY
    21FY
    21GY
    22FY
    B8R@OPEN
    B8RACF
    B8RDBMON
    B8RDBU03
    B8RENV01
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA49347

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    1DF

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2015-11-10

  • Closed date

    2016-01-05

  • Last modified date

    2016-02-01

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UA80238 UA80239 UA80240 UA80241 UA80242

Modules/Macros

  •    B8R@OPEN B8RACF   B8RDBMON B8RDBU03 B8RENV01
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R1DF PSY UA80238

       UP16/01/07 P F601

  • R1DG PSY UA80239

       UP16/01/07 P F601

  • R21F PSY UA80240

       UP16/01/07 P F601

  • R21G PSY UA80241

       UP16/01/07 P F601

  • R22F PSY UA80242

       UP16/01/07 P F601

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"}, "Product":{"code":"SSCE68R","label":"zSecure Admin"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1DF","Edition":""}]

Document Information

Modified date:
01 February 2016