A fix is available
APAR status
Closed as program error.
Error description
TCPIPSERVICE was coded with ATTACHSEC(LOCAL) . After a CICS WARM-start ( Emergeny startup), the value for ATTACHSEC in the TCPIPSERVICE definition is gone and the customer gets : DFHIE0361 E CICS2 A security error has been detected whilst processing an attach from a TCP/IP attached client. You may also see DFHXS1201 messages. CEMT I TCPIPS shows: After a COLD-Start e.g. : Attachsec(Local) But after WARM-start it showes always : Attachsec(Notapplic)
Local fix
Discard and re-install the TCPIPSERVICE.
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users. * **************************************************************** * PROBLEM DESCRIPTION: MsgDFHIE0361 is issued unexpectedly * * after a warm start. * **************************************************************** * RECOMMENDATION: * **************************************************************** A TCPIPSERVICE for use with ECI is installed. It specifies ATTACHSEC(LOCAL) which only requires a userid to be supplied for ECI requests. When the installation occurred the TCPIPSERVICE was written to the global catalog by DFHSOAD. This process failed to store the ATTACHSEC value. CICS is then shutdown and warm started. The TCPIPSERVICE is restored from the global catalog. The ATTACHSEC value in the restored TCPIPSERVICE is now binary zeros instead of the expected text string 'LOCAL '. This causes DFHEIP to assume that ATTACHSEC(VERIFY) is being used. When a new ECI request with only a userid comes in to CICS message DFHIE0361 is issued because ATACHSEC(VERIFY) requires both a userid and a password. If CEMT is used to inquire on the TCPIPSERVICE it will show ATTACHSEC(Notapplic) because the value in the TCPIPSERVICE is not set to 'LOCAL ' or 'VERIFY '. Additional keywords msgDFHIE0361
Problem conclusion
DFHSOAD has been changed to write the TCPIPSERVICE to the global catalog with the correct value for ATTACHSEC.
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PM52729
Reported component name
CICSTS FOR VSE
Reported component ID
564805400
Reported release
B0P
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-11-22
Closed date
2012-01-04
Last modified date
2012-05-15
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UK75198
Modules/Macros
DESSOAD DESSOTD DFHSOAD DFHSOTDC
Fix information
Fixed component name
CICSTS FOR VSE
Fixed component ID
564805400
Applicable component levels
RB0P PSY UK75198
UP12/02/14 P E511
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.1.1","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
15 May 2012