IBM Support

OA52292: APPROVE ACTION "NOT ALLOWED" ON A QUEUED COMMAND IN SECOND APPROVE STATUS

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When working with queued commands via the zSecure Admin UI
    panels for Multiple-authority actions using CKGRACF, the action
    character A for Approve is "Not Allowed" for a queued command
    in Second Approve (SA) status.
    Hitting PF1 shows the reason is:
    "Action not allowed: you performed an earlier action"
    but this is not actually the case.
    

Local fix

  • Issue the relevant CKGRACF CMD COMPLETE APPROVE command
    manually.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Admin exploiting the APROVE *
    *                 action for the CKGRACF queued commands that  *
    *                 are subject to multiple-authority.           *
    ****************************************************************
    * PROBLEM DESCRIPTION: zSecure Admin displays a 'Not allowed'  *
    *                      message while processing a APPROVE      *
    *                      request for the queued CKGRACF commands *
    *                      that are subject to multiple-authority. *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided.                      *
    ****************************************************************
    When the APPROVE action is perfomed against a queued CKGRACF
    command that is subject to double or triple authority, the
    zSecure Admin displays a 'Not allowed' message with the
    explanation that states 'you performed an earlier action'.
    

Problem conclusion

  • zSecure Admin has been modified so that GKGRACF command approval
    performs as documented.
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA52292

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    220

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-03-08

  • Closed date

    2017-03-28

  • Last modified date

    2017-04-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UA91460 UA91461

Modules/Macros

  •    CKRCKGA  GKRCKGA
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R220 PSY UA91460

       UP17/03/29 P F703

  • R221 PSY UA91461

       UP17/03/29 P F703

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"}, "Product":{"code":"SSCE68R","label":"zSecure Admin"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"220","Edition":""}]

Document Information

Modified date:
03 April 2017