Authorizing the region user ID to access category 1 transactions

To enable CICS® to start using external security, you must first have authorized the CICS region user ID to access the category 1 system transactions. If the region user ID does not have this authority at CICS startup, CICS issues message DFHXS1113 for each unauthorized category 1 system transaction and ends with message DFHXS1404.

To give the region user ID the authority to access the category 1 system transactions, edit and submit the sample job stream in Figure 1 to run the CICS-supplied sample CLIST, DFH$CAT1. This job uses the RACF® commands in the CLIST to update the RACF database.

Only a user with the appropriate RACF authority can run the CLIST to update the RACF database.

Figure 1. Batch job to run the sample CLIST, DFH$CAT1

//RACFMIG  JOB 'accounting information',
//             CLASS=A,USER=userid,PASSWORD=password
//DEFINE   EXEC PGM=IKJEFT01
//SYSPRINT DD SYSOUT=A
//SYSTSPRT DD SYSOUT=A
//SYSUDUMP DD SYSOUT=A
//SYSTSIN  DD *
 EXEC 'CICSTS56.CICS.SDFHSAMP(DFH$CAT1)' LIST
/*
//