IBM Support

OA64739: ACL INDIRECT LOOKUP QUERY NOT RETURNING RESULTS FROM CSDATA.

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • When running a CARLa report against a resource profile, and
using the access list to do an indirect lookup to the user
profile, the CSDATA on the user profile is shown as blank,
instead of the data present in the CSDATA segment.  The problem
is encountered when CARLa is processing data using the INDEX.

Local fix

  • Specify SUPPRESS INDEX, and the data is returned.

Problem summary

  • ****************************************************************
* USERS AFFECTED: Users of zSecure Admin/Audit exploiting ID   *
*                 lookup function using exploded RACF ACL      *
*                 field as base for data set and general       *
*                 resource profiles.                           *
****************************************************************
* PROBLEM DESCRIPTION: zSecure Admin/Audit might return an     *
*                      empty value for ID lookups from the     *
*                      exploded RACF ACL field.                *
****************************************************************
* RECOMMENDATION: Apply the PTF provided.                      *
****************************************************************
When ID lookup from the exploded RACF ACL field refers a lookup
target in a non-base segment, the lookup might return an empty
value in cases where RACF database is read using indexed I/O.

Problem conclusion

  • zSecure Admin/Audit has been modified so that ID lookup from
the exploded RACF ACL field performs properly in cases where
RACF database is read using indexed I/O.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    OA64739
    • 

  • Reported component name
    ZSEC BASE,ADMIN
    • 

  • Reported component ID
    5655T0100
    • 

  • Reported release
    250
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2023-04-25
    • 

  • Closed date
    2023-05-24
    • 

  • Last modified date
    2023-06-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
UJ92870
    

    • 



Modules/Macros


    

  • CKRSTORE GKRSTORE

    



Fix information


    

  • Fixed component name
    ZSEC BASE,ADMIN
    • 

  • Fixed component ID
    5655T0100
    • 



Applicable component levels


    

  • R250  PSY  UJ92870
       UP23/05/25  P  F305
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SG19O","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF054","label":"z Systems"}],"Version":"250"}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            01 June 2023
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback