Explanation
The error occurred during 1) the processing of
an OPEN macro instruction or during end-of-volume for a password-protected
data set after the operator attempted to enter a password in response
to message IEC301A or 2) the processing of an OPEN macro instruction
involving a checkpoint data set. A VSAM data set is being opened with
a DCB instead of an ACB.
In the message text:
- rc
- Associates this message with system completion code 913 and with
the return code.
- jjj
- The job name.
- sss
- The step name.
- ddname[-#]
- DDname (followed by a concatenation number if it is part of a
concatenation and not the first DD statement in the concatenation).
- dev
- The device number.
- ser
- The volume serial number.
- mod
- The name of the module in which the error occurred.
- dsname(member(
- The data set name. Member name if specified.
The explanation for the hex return code is as
follows: For RACF® errors, see
message IDC3009I for the return code.
- Return Code
- Explanation
- 04
-
For ISO/ANSI Version 1: An OPEN macro instruction was issued
for a magnetic tape data set with ISO/ANSI labels. The volume accessibility
byte (the eleventh byte) is not blank. This indicates that the label
was not written on an IBM® system
or that it was written by the user. If the volume accessibility byte
is not blank, the tape cannot be used on an IBM system. Make sure that the correct volume
is mounted. If it is the correct volume, it must be recreated for
use on an IBM system.
For
ISO/ANSI Version 3 or Version 4: This message occurs after message
IEC502E with the ddn-c field in the message text
and with c=1, meaning that the mounted volume is the requested volume,
but access to it has been denied.
- 08
-
For ISO/ANSI Version 1: An OPEN macro instruction was issued
for a magnetic tape data set with ISO/ANSI labels. The security byte
in the header label was not blank and not equal to ASCII 1.
This means that the label was not created on an IBM system or was created by the user. Make sure
that the correct volume is mounted. If it is the correct volume, it
must be recreated on an IBM system.
For
ISO/ANSI Version 3 or Version 4: This message occurs after message
IEC502E with the ddn-c field in the message text
and with c=2, meaning that access to the requested data set has been
denied.
- 0C
- An OPEN macro instruction was issued, but either an I/O error
occurred during password verification, or one of the following conditions
occurred:
- For a password-protected data set, the operator failed to supply
the correct password in response to message IEC301A or Time Sharing
Option/Extensions (TSO/E) message IEC113A.
- For a protected VSAM data space that has password-protected or
RACF-protected data or index components, the operator failed to supply
the correct passwords or the user did not have proper RACF authorization.
- For a VSAM data set being opened using a DCB, the DSCB contained
incorrect information.
- 10
- An OPEN macro was issued to the VTOC for output processing by
an unauthorized job step or job-step task. The ability to open the
VTOC for output is restricted to authorized job steps or job step
tasks.
- 14
- An OPEN macro instruction was issued to concatenate checkpoint
and noncheckpoint data sets.
- 18
- An OPEN TYPE=J macro instruction was issued for a magnetic tape
volume. The JFCB was modified to indicate LABEL=BLP (bypass label
processing) and the task was not authorized. BLP can be specified
in the JCL (if the installation allows it via its reader procedure),
but the JFCB cannot be modified to indicate BLP unless the task is
authorized.
- 1C
- The error occurred during processing of an OPEN TYPE=J macro instruction
to a data set residing on a direct access device. The JFCB has been
incorrectly modified or the data set name supplied in the JFCB passed
to OPEN was not available to the job because it was being used by
some other job. Either (1) the data set was being opened for INPUT
and some other job had exclusive control of the data set (either referenced
the data set in a DD control statement with DISP of OLD or MOD, or
issued an OPEN TYPE=J macro instruction with processing option INOUT,
OUTIN, OUTPUT, OUTINX, EXTEND, or UPDATE), or (2) the data set was
being opened for an option other than INPUT (INOUT, OUTIN, OUTPUT,
or UPDATE: requiring exclusive control of the data set) and some other
JOB was using the data set (either referenced the data set in a DD
control statement, or issued an OPEN TYPE=J macro instruction).
- 20
- An OPEN macro instruction was issued using the EXCP access method
in which user-written appendages were required. The appendage names
were not included in the SYS1.PARMLIB member IEAAPP00, and the program
issuing the OPEN was not authorized either under APF, or by being
in a system protect key (0-7).
- 28
- An OPEN macro instruction was issued for a checkpoint data set.
The data set organization was not BPAM or BSAM and the task was not
authorized via the authorized program facility (APF).
- 2C
- An OPEN or OPEN TYPE=J macro instruction was issued to an ISAM
data set defined by two or three DD statements. Either 1) the data
set names coded in the DD statements were not all the same, or 2)
the JFCB passed to OPEN TYPE=J has a data set name different from
that coded in the DD statements. All the DD statements for an ISAM
data set must contain the same data set name. If an OPEN TYPE=J macro
instruction is issued to a DDname referencing an ISAM data set which
is defined by two or three DD statements, the data set name cannot
be altered from that coded in the DD statement, because the JFCBs
for the other DD statements cannot be similarly altered.
- 30
- An OPEN macro instruction was issued to write a data set on a
magnetic tape containing one or more previous data sets. The protection
mode of the data set to be written was different than the protection
mode of the previous data set.
- 34
- The OPEN/EOV volume security exit requested that the volume be
rejected.
- 38
- An OPEN was issued for a RACF-protected data set on a DASD volume
or a RACF-protected tape volume to which the caller was not authorized.
- 3C
- An OPEN was issued for a non VSAM data set with a format-1 DSCB
indicating a discrete RACF-protection, bit DS1IND40 set. RACROUTE
REQUEST=AUTH was issued resulting in SAF, Security Authorization Facility,
return code 4. This indicates the SAF router could neither accept
nor fail the request. Verify the RACF security
function is running on the system and that a discrete profile for
the data set exists in the RACF database.
See z/OS Security Server RACROUTE Macro Reference for
complete explanation for SAF return code 4.
- 40
- A VSAM data space being OPENed is RACF-defined.
- 44
- An OPEN macro was issued to a password-protected data set. However
the system's PASSWORD data set was not valid because it is in large
or extended format.
- 48
- Incorrect specification of PROTECT. PROTECT is specified but the
system tape option is not in effect.
- 4C
- Incorrect specification of PROTECT. PROTECT is specified but the
user is not defined to RACF.
- 50
- Incorrect specification of PROTECT. PROTECT is specified but the
request is for a NL, BLP or LTM tape.
- 54
- Incorrect specification of PROTECT. PROTECT is specified by the
request is for INPUT or INOUT.
- 58
- Incorrect specification of PROTECT. PROTECT is specified but the
volume sequence number or the file sequence number is not equal to
one on a tape with LABEL=SL, SUL, AL or AUL or the tape is being opened
with DISP=MOD (including OPEN options OUTINX and EXTEND).
- 5C
- Incorrect specification of PROTECT. PROTECT is specified but the
volume being used is a public volume.
- 60
- One of the following occurred:
- The user is not authorized to define a data set with the specified
name. The specified data set name and file sequence indicator do
not match the corresponding names in the Tape Volume Table of Contents
(TVTOC).
- The user is not authorized to access this data set.
- 64
- The user is not authorized to specify BLP.
- 68
- One of the following errors occurred:
- The maximum number of allowed data sets in a TVTOC has been exceeded.
- An attempt was made to create a tape data set profile for a tape
volume specifically defined as not allowing a TVTOC.
- An attempt was made to add a duplicate data set to a TVTOC.
- An attempt was made to add a second data set to a tape that has
been defined as only allowing a single data set.
- An attempt was made to add a new data set in the middle of the
tape or tape set.
- 6C
- The user is not authorized to define a data set that is protected
with a general profile.
- 70
- The caller of the open has RACF EXECUTE
authority only. One of the following requirements has been violated:
- The caller must be in supervisor state or the data set must be
a partitioned data set (PDS).
- The access method must not be EXCP.
- 72
- An unexpected return code has been returned from RACF.
- 74
- A security violation occurred when opening a subsystem data set
or z/OS® UNIX file with a DCB. The subsystem was unable
to determine the user had appropriate access.
- For JES3, the problem occurred when a security verification call
failed.
- For a UNIX file, permission
was denied or the user has no access to the file. One possibility
is the user has only read authority to that file but is trying to
open the file for output.
- 78
- An OPEN for a password-protected data set failed because the system's
PASSWORD data set was not valid because it was in extended format
or large sequential data set format.
System action
The task is always ended if the return code is
0C. For all other return codes, the task is ended unless otherwise
specified in the DCB ABEND exit routine.
Operator response
Start a generalized trace facility (GTF) trace,
and re-create the problem. Reply to message AHL100A with:
TRACE=SYS,USR,SLIP
On
the DD statement for the data set in error, specify:
DCB=DIAGNS=TRACE
System programmer response
If the error recurs and the program
is not in error, look at the messages in the job log for more information.
Search problem reporting data bases for a fix for the problem. If
no fix exists, contact the IBM Support
Center. Provide the SYSOUT output for the job.
Programmer response
Probable user error. Correct the errors
causing abnormal end as indicated by the return code in the message
text. Rerun the job.
If rc is 0C for a protected data set,
supply the operator with the correct password or have the correct
password added to the PASSWORD data set and run the job step again.
If
rc is 0C for a protected VSAM data space, supply the operator with
the correct passwords or obtain the proper RACF user authorization for the data and index
components within the data space and run the job step again.
If
rc is 0C and an I/O error occurred, correct the problem causing the
error and run the job step again.
If rc is 14, redefine the
concatenated data sets such that only checkpoint or only noncheckpoint
data sets are in the concatenation.
If rc is 18, probable user
error. Unless your task is authorized, do not modify the JFCB to
indicate BLP.
If rc is 1C, probable user error. If an OPEN
TYPE=J macro instruction is issued to a data set not referenced in
a DD JCL statement, the normal procedures for data set protection
are not performed when the JOB is initiated, but must be performed
at OPEN time when no recovery is possible. The issuer of such an OPEN
TYPE=J must ensure that no other JOB is processing the data set in
a manner which is in conflict with the processing requested by the
OPEN macro instruction. This can best be accomplished by not using
the OPEN TYPE=J macro instruction to open to a data set which is not
already referenced in a DD control statement, and not opening with
a processing option of INOUT, OUTIN, OUTPUT, OUTINX, EXTEND, or UPDATE
unless the DD control statement indicates DISP=OLD or DISP=MOD. Ensure
that the JFDB has not been incorrectly modified.
If rc is 28,
redefine the data set organization to BPAM or BSAM or authorize the
program issuing the OPEN macro instruction under APF.
If rc
is 2C, correct the data set name on the DD statement or do not alter
the data set name in the JFCB before issuing the OPEN TYPE=J macro
instruction.
If rc is 30, all data sets on a tape volume must
have the same security level. Change the requested security level
to match the previous data sets and rerun the job.
If rc is
74, determine why z/OS UNIX system services or the subsystem
gave the security failure. It may be due to opening for output but
only input is allowed or due to not having search authority to the UNIX directory.
For return
code 78, ensure that the PASSWORD data set has a DSNTYPE other than
Extend or Large.
Source
Module
Routing code
Descriptor code