IBM Support

CWBLM0011 Error Message with Client Access Emulation or Data Transfer

Technote (troubleshooting)


Problem(Abstract)

What does CWBLM0011 mean? This error message is given if an unexpected internal application error is encountered in the Central Client of Client Access. The Central client is responsible for National Language Support and Licensing.

Resolving the problem

What does CWBLM0011 mean? This error message is given if an unexpected internal application error is encountered in the Central Client of Client Access. The Central client is responsible for National Language Support and Licensing. If the Central Client encounters an unexpected error, CWBLM0011 is shown. This can happen during initial connectivity or when accessing one of the functions that requires a license (Data Transfer or PC5250 Emulation).

Occasionally, this message is caused by a bad installation of the Client Access code (possibly an anti-virus application running during the installation or a unreliable download of a service pack from the Internet). This situation is identified by its limited scope (only those PCs from the same installation or the same service pack) and the consistency of failure across all Windows user profiles.

More commonly, the error message is displayed because of a Windows restriction placed on a resource required by Client Access. Such restrictions are not a native part of the Windows operating system. Today, more and more administrators are placing these restrictions on the general Windows user profiles to control the user environment. If a Windows administrator implements an extra security mechanism (through Policies, NTFS directory/file permission, or REGEDT32 registry security), the Windows Administrator should have in-depth knowledge and perform extensive testing of all applications on the desktop and how they interact with the Windows operating system.

Client Access is a nontrivial, PC-based, client server suite of applications. It makes extensive use of the registry. The installation program creates many registry keys. Restricting an application (such as Client Access) from its own registry hives is not wise. It is not expected that any application works successfully in such an environment. Client Access does not publish every key. Following is a list of registry keys that Client Access requires access to:

HKLM\Software\IBM\Client Access\
HKCU\Software\IBM\Client Access Express\
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\
HKCR\
HKLM\Software\Microsoft\
HKLM\System\CurrentControlSet\

IBM suggests that these keys retain default settings. While most of these keys are accessed for READs, the first three are also updated. If the user signed on Windows cannot write to the first three keys listed, Client Access does not work.

In previous versions of Client Access Express (V4R4, V4R5, and so on), Client Access also wrote to the classes root hive. In Client Access Express V5R1 Service Pack 2 (SI01907), Client Access was changed to minimize interaction with classes root and maximize use of the keys HKLM\Software\IBM\Client Access and HKCU\Software\IBM\Client Access Express. These keys are obviously meant for use by Client Access. They are less likely places for Windows Administrators to add extra security.

Access to these keys can be tested easily. Immediately after receiving the CWBLM0011 error, run REGEDIT and verify access to each key. For the first three keys, try to add a new key. For example, add a new key of TESTKEY to the HKLM\Software\IBM\Client Access key. If the currently signed on Windows user profile does not have write access to Client Access, a sub-key of TESTKEY fails upon creation.

Caution: Changes made to the registry can cause serious problems if not done correctly. Ensure you are confident with making changes to the registry before continuing. It is generally recommended that a backup is performed before modifying the registry.

Adding a TESTKEY key to a Client Access sub-key will not harm Client Access as we will not attempt to read it. If adding the key is successful, it can be deleted afterward.

For assistance in configuring Windows security/authority/restrictions, purchase a consulting agreement. IBM Support Line suggests that the Windows default authority is placed on any registry key that the Client Access product attempts to read or write.

Historical Number

22253232

Document information

More support for: IBM i
Access for Windows

Software version: 5.4.0

Operating system(s): IBM i

Reference #: N1017519

Modified date: 03 July 2013