A fix is available
APAR status
Closed as program error.
Error description
Working with ISPF OLM, DB2 administrators get such messages: . . . 11.33.53 STC12763 FPEV2107E D1ZS DB2 MONITOR PRIVILEGE CHECK FAILED FOR USER Z004376 11.33.53 STC12763 FPEV0405E D1ZS CONNECTION BY USER Z004376 FAILED, NO AUTHORITIES FOUND IN SYSIBM.SYSUSERAUTH 11.36.35 STC12763 FPEV2107E D1ZS DB2 MONITOR PRIVILEGE CHECK FAILED FOR USER Z004376 11.36.35 STC12763 FPEV0405E D1ZS CONNECTION BY USER Z004376 FAILED, NO AUTHORITIES FOUND IN SYSIBM.SYSUSERAUTH 11.41.30 STC12763 FPEV2107E D1ZS DB2 MONITOR PRIVILEGE CHECK FAILED FOR USER Z004376 11.41.30 STC12763 FPEV0405E D1ZS CONNECTION BY USER Z004376 FAILED, NO AUTHORITIES FOUND IN SYSIBM.SYSUSERAUTH . . . When non-DB2 administrators take the same action, the access is granted. Access to SYSIBM.SYSUSERAUTH is granted either through a RACF group or through the user himself. In OmPE Classic and CUA interfaces the DB2 administrators can switch from one DB2 to another without problem
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: OMEGAMON XE for DB2 PE/DB2PM * * users of component * * - PE Server subtask * * - ISPF Monitoring dialogs * **************************************************************** * PROBLEM DESCRIPTION: ISPF OLM users cannot logon or switch * * to another DB2 subsystem. * **************************************************************** * RECOMMENDATION: Apply this PTF. * **************************************************************** PROBLEM SUMMARY: When real time performance monitoring is performed using the ISPF user interface and the ISPF user interface is connected to a monitoring PE Server subtask, the PE Server subtask verifies whether the TSO logon user ID submitted from the ISPF user interface has DB2 monitoring privileges. When the primary user ID has no monitoring privileges, the PE Server subtask checks whether a secondary user ID (group with monitoring privileges and the user ID as a member) exists. The check is limited to the first 15 group names found in the group name list of the corresponding acessor environment element for the user ID. If the group with monitoring privileges is not among the first 15 group names, the user authorization fails. PROBLEM CONCLUSION: The code has been corrected. The limit of 15 group names has been removed. KEYWORDS: ISPF OLM LOGON SUBSYSTEM SWITCH CIRCUMVENTION: Grant DB2 monitoring privileges to the ISPF OLM TSO logon user ID.
Problem conclusion
The code has been corrected. The limit of 15 group names has been removed.
Temporary fix
Comments
APAR Information
APAR number
PI27188
Reported component name
OM XE DB2PE/PM
Reported component ID
5655OPE00
Reported release
520
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2014-10-08
Closed date
2015-04-10
Last modified date
2017-01-26
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UI26677
Modules/Macros
DGOVMSTR FPEVDB2I FPEVDB22
Fix information
Fixed component name
OM XE DB2PE/PM
Fixed component ID
5655OPE00
Applicable component levels
R520 PSY UI26677
UP15/04/14 P F504
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSZJXP","label":"DB2 Tools for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.2.0"}]
Document Information
Modified date:
30 March 2021