IBM Support

PM52729: TCPIPS ATTACHSEC IS NOT BEING WRITTEN TO THE GCD, SO IT'S VALUE IS LOST AFTER CICS WARMSTART. COLDSTART IS NEEDED TO RESTORE IT

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • TCPIPSERVICE was coded with ATTACHSEC(LOCAL) .
    After a CICS WARM-start ( Emergeny startup), the value for
    ATTACHSEC in the TCPIPSERVICE definition is gone and the
    customer gets :
    DFHIE0361 E  CICS2 A security error has been detected whilst
    processing an attach from a TCP/IP attached client.
    You may also see DFHXS1201 messages.
    
    CEMT I TCPIPS shows:
    
    After a COLD-Start e.g. :
     Attachsec(Local)
    
    But after WARM-start it showes always :
     Attachsec(Notapplic)
    

Local fix

  • Discard and re-install the TCPIPSERVICE.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All CICS users.                              *
    ****************************************************************
    * PROBLEM DESCRIPTION: MsgDFHIE0361 is issued unexpectedly     *
    *                      after a warm start.                     *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    A TCPIPSERVICE for use with ECI is installed. It specifies
    ATTACHSEC(LOCAL) which only requires a userid to be supplied
    for ECI requests.
    
    When the installation occurred the TCPIPSERVICE was written to
    the global catalog by DFHSOAD.  This process failed to store
    the ATTACHSEC value.
    
    CICS is then shutdown and warm started.  The TCPIPSERVICE is
    restored from the global catalog.  The ATTACHSEC value in the
    restored TCPIPSERVICE is now binary zeros instead of the
    expected text string 'LOCAL   '.  This causes DFHEIP to assume
    that ATTACHSEC(VERIFY) is being used.
    
    When a new ECI request with only a userid comes in to CICS
    message DFHIE0361 is issued because ATACHSEC(VERIFY) requires
    both a userid and a password.
    
    If CEMT is used to inquire on the TCPIPSERVICE it will show
    ATTACHSEC(Notapplic) because the value in the TCPIPSERVICE is
    not set to 'LOCAL   ' or 'VERIFY   '.
    
    Additional keywords
    msgDFHIE0361
    

Problem conclusion

  • DFHSOAD has been changed to write the TCPIPSERVICE to the
    global catalog with the correct value for ATTACHSEC.
    

Temporary fix

  • FIX AVAILABLE BY PTF ONLY
    

Comments

APAR Information

  • APAR number

    PM52729

  • Reported component name

    CICSTS FOR VSE

  • Reported component ID

    564805400

  • Reported release

    B0P

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2011-11-22

  • Closed date

    2012-01-04

  • Last modified date

    2012-05-15

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UK75198

Modules/Macros

  •    DESSOAD  DESSOTD  DFHSOAD  DFHSOTDC
    

Fix information

  • Fixed component name

    CICSTS FOR VSE

  • Fixed component ID

    564805400

Applicable component levels

  • RB0P PSY UK75198

       UP12/02/14 P E511

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.1.1","Edition":""}]

Document Information

Modified date:
15 May 2012