PI52200: CCF TO VALIDATE WHETHER A USER HAS RACF AUTHORITY TO EXECUTE AN IMS COMMAND TO A SPECIFIC CCF GROUP OR IMS SSID

Obtain the fix for this APAR.

APAR status

• Closed as new function.

Error description

• CCF does not validate that an IMS command can be successfully
  executed within each of the specified IMS systems within the
  specified CCF Group.
  With this New Function RACF checking would cover the following
  -ISPF CCF ISPF interface Option ?C? ? Issue IMS Commands
  -CCF Batch
  -CCF API
  A RACF FACILITY class resource similar to those defined in Ch
  8. of the CCF User Guide would be used to protect execution of
  commands against the CCF group or IMSID.
  -E.g. RDEF FACILITY CCF.EXECMD.CCFgroup|IMSID UACC(NONE)
  ?..etc.
  -PE CCF.EXECMD.CCFgroup|IMSID CLASS(FACILITY) ACCESS(READ)
  ID(?..etc.
  This is a front end check only.  Actual checking for IMSID and
  individual commands would be done at the backend such as OM
  security exit etc.
  -Passing this new check does not guarantee that an individual
  command will not be subsequently rejected by an OM security exit
  or IMS SSID.
  -For a CCF group, individual IMS subsystems comprising the group
  would not be checked.
  -Other options on the CCF ISPF interface panel should be
  protected as per Ch.8.
  

Local fix

• New Function
  

Problem summary

• ****************************************************************
  * USERS AFFECTED: Users of Command Control Facilities V2.2     *
  ****************************************************************
  * PROBLEM DESCRIPTION: CCF to validate whether a user has RACF *
  *                      authority to execute an IMS command to  *
  *                      a specific CCF group or IMS SSID        *
  ****************************************************************
  * RECOMMENDATION:                                              *
  ****************************************************************
  CCF to validate whether a user has RACF authority to execute an
  IMS command to a specific CCF group or IMS SSID.
  

Problem conclusion

Temporary fix

Comments

• This enhancement validates whether a user has the RACF authority
  to execute an IMS Command to a specific CCF group or IMS SSID.
  

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

  UI37587

Modules/Macros

•    CCFCAPI0 CCFEXEC0 CCFREDO0 CCF9CMD0
  

Fix information

• Fixed component name

  IMS COMMAND CTL

• Fixed component ID

  5655F4000

Applicable component levels

• R220 PSY UI37587

     UP16/05/17 P F605

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.