ICH427I

Explanation
 The profile that protects the data set has a conditional
access list that would grant access by way of the WHEN(PROGRAM) if
BASIC PGMSECURITY was in effect.  However, ENHANCED PGMSECURITY  is
in effect and the environment was established by a program that did
not have the MAIN attribute.  This would normally cause RACF® to reject use of the conditional access
list entry, but RACF allowed
it because the administrator enabled WARNING mode for ENHANCED PGMSECURITY.
 This access fails if the administrator instead enabled ENHANCED mode
of PGMSECURITY.

System action
 RACF allows
the requested access, but issues the warning message.

Routing code
9 and 11

Descriptor code
6

RACF Security
Administrator Response
Or user Response: 
Verify
that the first program executed in this  execution environment (jobstep,
or specified on TSOEXEC command or by way of the IKJEFTSR service)
has a  PROGRAM profile that specifies the MAIN attribute.  If not,
redefine the program to have MAIN, if it is a program that you trust
to maintain the environment properly for using conditional access,
or change the way you invoke the program (for example, under TSO consider
 invoking the program by using the TSOEXEC command), or change the
option to  BASIC PGMSECURITY mode, or define the program as one that
needs BASIC PGMSECURITY mode  by defining it with a specific PROGRAM
profile that has an APPLDATA value of BASIC.  Using a PROGRAM profile
with BASIC provides less security, but might be necessary for some
programs where you cannot use TSOEXEC.
Do not enable the failure
mode of ENHANCED PGMSECURITY before you resolve this message, or accesses
fail.

Explanation

System action

Routing code

Descriptor code

RACF Security Administrator Response