APAR status
Closed as program error.
Error description
Non-compliant findings for RACF-OS-000210 as DIGTCERT profiles do not have UACC=NONE.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: Users of zSecure Audit exploiting the RACF * * STIG compliance control RACF-OS-000210 * * (IBM RACF must define UACC of NONE on all * * profiles). * **************************************************************** * PROBLEM DESCRIPTION: zSecure Audit RACF STIG compliance * * control RACF-OS-000210 might report * * incorrect non-compliant results. * **************************************************************** * RECOMMENDATION: Apply the PTF provided. * **************************************************************** The RACF STIG compliance control RACF-OS-000210 (IBM RACF must define UACC of NONE on all profiles) takes into account the DIGTCERT profiles which don't have UACC=NONE specification. As a result, these profiles are reported as non-compliant.
Problem conclusion
zSecure Audit has been modified so that the RACF STIG compliance control RACF-OS-000210 excludes the DIGTCERT class profiles from processing.
Temporary fix
Comments
APAR Information
APAR number
OA64829
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
250
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2023-05-09
Closed date
2023-05-11
Last modified date
2023-06-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UJ92790
Modules/Macros
CKAHO210
Fix information
Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100
Applicable component levels
R250 PSY UJ92790
UP23/05/13 P F305
[{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SG19O","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF054","label":"z Systems"}],"Version":"250"}]
Document Information
Modified date:
02 June 2023