OA62484: MESSAGE "CKF0000 04 CONTROL BLOCK HCCT OMITTED BECAUSE OF PROTECTION EXCEPTION" IS ISSUED WITH EXECUTION OF CKFCOLL.

Obtain the fix for this APAR.

APAR status

• Closed as program error.

Error description

• Message "CKF0000 04 Control block hcct omitted because of
  protection exception" is issued with execution of CKFCOLL with
  zSecure 2.5.0 on z/OS JES2 2.5, due to APARs OA62024 and
  OA60777 moved an offset.
  

Local fix

• N/A
  

Problem summary

• ****************************************************************
  * USERS AFFECTED: Users of zSecure Collect exploiting the      *
  *                 program under z/OS V2R5 and users of zSecure *
  *                 Audit processing system data (CKFREEZE data  *
  *                 set) generated by zSecure Collect.           *
  ****************************************************************
  * PROBLEM DESCRIPTION: zSecure Collect might issue a           *
  *                      MSGCKF0000 while collecting JES2        *
  *                      information. Some reports generated by  *
  *                      zSecure Audit might be unreliable or    *
  *                      incomplete (including compliance        *
  *                      controls).                              *
  ****************************************************************
  * RECOMMENDATION: Apply the PTF provided and review the        *
  *                 documentation update.                        *
  ****************************************************************
  When zSecure Collect processes JES2 information, it might issue
  a MSGCKF0000 which begins with the text "Control block xite
  omitted because of protection exception". As result, an
  incomplete PROCLIB, SUBMITLIB, and POLICYLIB data set
  concatenation information is written into a CKFREEZE so that
  reports like AS_DD (Address space DD names), SENSDSN (Sensitive
  Data Set Names), TRUSTED (Users that can bypass security), and
  some others where JES2 PROCLIB, SUBMITLIB, and/or POLICYLIB
  concatenation information is used) might be incomplete or not
  reliable. Some zSecure Audit's compliance controls might be
  affected as well.
  

Problem conclusion

• zSecure Collect has been modified so that it correctly processes
  JES2 information and no MSGCKF0000 is issued. Please note the
  documentation changes as provided by the APAR tracking comment
  data.
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

  UJ08196

Modules/Macros

• CKFJES2  CKRCFS   CKRCFS2  CKROUCT  GKRCFS   GKRCFS2  GKROUCT
  

Fix information

• Fixed component name

  ZSEC BASE,ADMIN

• Fixed component ID

  5655T0100

Applicable component levels

• R250 PSY UJ08196

     UP22/04/22 P F204

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.