OA68320: AU.V PERMIT GENERATES COMMANDS TO DELETE CICS TRANSACTION PROFILES WHICH HAVE A SECPRFX THAT IS NOT A USER OR GROUP

A fix is available

APAR status

Closed as program error.

Error description

AU.V Permit generates commands to delete CICS transaction
profiles which have a SECPRFX that is not a user or group.

Local fix

```
N/A
```

Problem summary

****************************************************************
* USERS AFFECTED: Users of zSecure Admin/Audit exploiting the  *
*                 'VERIFY PERMIT' function (either in CARLa    *
*                 scripts or using interactive option AU.V).   *
****************************************************************
* PROBLEM DESCRIPTION: zSecure Admin/Audit incorrectly         *
*                      generates 'rdelete' and/or 'ralter'     *
*                      commands for CICS transactions profiles *
*                      covering CICS transactions belonging to *
*                      CICS regions defined with a             *
*                      'SECPRFX=<id>' configuration option.    *
****************************************************************
* RECOMMENDATION: Apply the PTF provided.                      *
****************************************************************
When the 'VERIFY PERMIT' function offered by zSecure Audit/Admin
is invoked with system data where CICS region(s) is (are)
defined with a 'SECPRFX=<id>' configuration option, the program
incorrectly generates 'rdelete' and/or 'ralter' commands for
CICS transaction profiles in those regions. A (series of)
MSGCKR0068 which begins with the text "Undefined id" and
MSGCKR0261 which begins with the text "Key with unknown" is also
displayed in the SYSPRINT data set.

Problem conclusion

zSecure Audit/Admin has been modified, so that it correctly
processes CICS transaction profiles for CICS regions defined
with a 'SECPRFX=<id>' option, and the 'VERIFY PERMIT' function
generates correct commands.

Temporary fix

Comments

APAR Information

APAR number
OA68320
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
320
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2025-08-06
Closed date
2025-10-14
Last modified date
2025-11-03

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

UJ98205 UJ98248

Modules/Macros

```
CKRVPRM  GKRVPRM
```

Fix information

Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100

Applicable component levels

R310 PSY UJ98205
UP25/10/17 P F510
R320 PSY UJ98248
UP25/10/17 P F510

Fix is available

Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"320","Line of Business":{"code":"LOB70","label":"Z TPS"}}]

Document Information

Modified date:
08 November 2025

Tips

OA68320: AU.V PERMIT GENERATES COMMANDS TO DELETE CICS TRANSACTION PROFILES WHICH HAVE A SECPRFX THAT IS NOT A USER OR GROUP

A fix is available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R310 PSY UJ98205

R320 PSY UJ98248

Fix is available

Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

Document Information

Share your feedback

Need support?