Error CDIS023E when a signon from Sterling Control Center is done to a Sterling Connect:Direct z/OS server and this user is marked as Administrator.
Signon is refused with error CDIS023E
A user that is selected as an Administrator in Sterling Control Center, needs specific rights on the Sterling Connect:Direct server side.
The user must have full administrator rights and be able to do Select Statistics and Select Process commands for all processes - not only for his own submitted processes.
On the Sterling Connect:Direct server side a Stage 2 Security Exit is used with customer related changes that do not meet all the requirements for doing these administrative functions.
Resolving the problem
In the source that is used to generate the Stage 2 exit, check the authorisation bits set for the user profile that this user is linked to.
The bits for this profile must meet the minimum requirements for being an administrator.
These bit settings can be found in the macro delivered with your installation when searching for the string "ADMABM".
If you have done no changes to these settings, the user must have access to this ADMABM profile.
If changes have been done and the user has access to this profile, check that all bits are set correctly.
If the user has access to another profile, check that this profile has the required bits set, or just give this user access to the ADMABM profile.
When running with Connect:Direct 5.0 and earlier the source can be found in:
When running with Connect:Direct 5.1 or later the source can be found in:
Further details how to implement security exits can be found in the Sterling Connect:Direct z/OS Administration Guide.