OA68503: ZSECURE ADMIN'S FIX FOR COMPATIBILITY WITH THE RACF APAR OA67467.

A fix is available

APAR status

Closed as change to accomodate OEM Vendor's code.

Error description

z/OS Security Server RACF APAR OA67467 now imposes a limit upon
the number of keyword operands for the command ADDUSER. zSecure
Admin shall comply with that update.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED: Users of zSecure Admin for RACF using the    *
*                 copy user or recreate user line commands.    *
****************************************************************
* PROBLEM DESCRIPTION: Copy user and recreate user commands    *
*                      can generate RACF ADDUSER command with  *
*                      more than 283 values for CLAUTH and/or  *
*                      ADDCATEGORY parameters. This may result *
*                      in a ICH01028I KEYWORD OPERAND LIMIT    *
*                      EXCEEDED error message.                 *
****************************************************************
* RECOMMENDATION: Apply the PTF provided.                      *
****************************************************************
When RACF ADDUSER command is generated by either copy user or
recreate user commands, the RACF ADDUSER command may contain
more than 283 values for CLAUTH and/or ADDCATEGORY parameters,
which results in a ICH01028I KEYWORD OPERAND LIMIT EXCEEDED
error message.

Problem conclusion

The functionality of zSecure Admin has been updated, so that it
generates CLAUTH and/or ADDCATEGORY parameters not in the RACF
ADDUSER command but rather in a subsequent RACF ALTUSER command
to avoid CH01028I KEYWORD OPERAND LIMIT EXCEEDED error message.

Temporary fix

Comments

APAR Information

APAR number
OA68503
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
250
Status
CLOSED OEM
PE
NoPE
HIPER
NoHIPER
Special Attention
YesSpecatt / New Function / Xsystem
Submitted date
2025-09-16
Closed date
2025-09-22
Last modified date
2025-10-02

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

UJ98107 UJ98108

Modules/Macros

```
CKRPRMSG CKRXCUS  GKRPRMSG
```

Fix information

Applicable component levels

R250 PSY UJ98108
UP25/09/25 P F509
R310 PSY UJ98107
UP25/09/25 P F509

Fix is available

Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"250","Line of Business":{"code":"LOB70","label":"Z TPS"}}]

Document Information

Modified date:
02 October 2025

Tips

OA68503: ZSECURE ADMIN'S FIX FOR COMPATIBILITY WITH THE RACF APAR OA67467.

A fix is available

Subscribe

APAR status

Closed as change to accomodate OEM Vendor's code.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Applicable component levels

R250 PSY UJ98108

R310 PSY UJ98107

Fix is available

Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

Document Information

Share your feedback

Need support?