IBM Support

CSV244I update access denied and DFHLD0001 ABEND023 in DFHLDLD1

Troubleshooting


Problem

When you startup CICS, you receive the following messages and abend:
CSV244I CSV UPDATE ACCESS DENIED. USER= CLASS=FACILITY RESOURCE=CSVLLA.SYS1.SCEERUN
DFHLD0001 An abend (code 023/AKEB) has occurred at offset X'30B0' in module DFHLDLD1

Cause

The CICS region system initialization table (SIT) parameter LLACOPY is set to YES. Therefore, the CICS region user ID is issuing an MVS library lookaside (LLA) operator command but it does not have sufficient authority for the command to be run.

Diagnosing The Problem

If using RACF you will also receive message:
ICH408I USER(CICSXXXX) GROUP(STC ) NAME(CICS ) 311  
  SYS1.SCEERUN CL(DATASET ) VOL(XXXXXX)              
  INSUFFICIENT ACCESS AUTHORITY
  ACCESS INTENT(UPDATE )  ACCESS ALLOWED(READ   )
  FROM SYS1.SCEERUN (G)


If using CA ACF2 you will receive message:
ACF99913 ACF2 VIOLATION-04,09,CICSXXXX,A4AR11,SYS1.SCEERUN,N/A

Resolving The Problem

Authorize the CICS region's user ID as described in the CICS TS documentation topic Authorizing access with the MVS library lookaside (LLA) facility:
 

If you are using the library lookaside (LLA) facility of MVS™, you can control a program's ability to use the LLACOPY macro.

Authorize the CICS® region's userid in one of the following ways:
  • It must have UPDATE authority to the data set that contains the LLA module.
  • It must have UPDATE authority in the FACILITY class to the resource CSVLLA. datasetname, where datasetname is the name of the library that contains the LLA module. For example
    RDEFINE FACILITY CSVLLA.datasetname UACC(NONE) NOTIFY
    PERMIT CSVLLA.datasetname CLASS(FACILITY) ID(....) ACCESS(UPDATE)

In this case, the datasetname is SYS1.SCEERUN. This also applies to any other load-module libraries in the DFHRPL concatenation that are controlled by the MVS LLA facility.

[{"Type":"MASTER","Line of Business":{"code":"LOB35","label":"Mainframe SW"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server - SSGMGV"},"ARM Category":[{"code":"a8m0z00000007YsAAI","label":"Security"}],"ARM Case Number":"","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"5.4.0;5.5.0;5.6.0;6.1.0"}]

Product Synonym

CICS/TS CICS TS CICS Transaction Server

Document Information

Modified date:
03 January 2023

UID

swg21177687