The Security Services subcomponent has been successfully initialized.
CMAS initialization continues.
None.
EYULOG
EYU0CRIN
The Security Services long running task (LRT) has been successfully initialized.
The initialization of Security Services subcomponent continues.
None
EYULOG
EYU0CRLT
The Security Services long running task (LRT) has been terminated.
Termination of the Security Services subcomponent continues.
None.
EYULOG
EYU0CRLT
The Security Services subcomponent could not be initialized.
CMAS initialization terminates. A user trace record is written to the CICS® trace data set.
Collect the exception trace records and the job log, and contact your IBM® Support Center.
Console, job log, EYULOG
EYU0CRIN
The Security Services long running task (LRT) encountered an error from which it could not recover.
The LRT terminates. The CMAS may continue running without the services of the LRT.
Stop and restart the CMAS where the failure occurred. If the problem persists, collect any exception trace records, the job log, and CICS or MVS™ dump output, if available, and contact your IBM Support Center.
Console, job log, EYULOG
EYU0CRLT
The CMAS is running without any security checking, as requested in its startup job.
CMAS processing continues.
If you want the CMAS to use security, then specify SEC(YES) in the EYUPARM member for the CMAS If SEC is not specified, the default is SEC(NO). Then stop and restart the CMAS.
Console, job log, EYULOG
EYU0CRIN
The specified MAS was started with a CICS SIT parameter of SEC=YES, but the CMAS that manages it was started with an EYUPARM parameter of SEC(NO). A CMAS that has security disabled cannot provide security processing for any of its MASs.
The connection between the MAS and CMAS is terminated. The CICS system continues to run, but it is not known to CICSPlex® SM.
If you want security to be active in the MAS, change the SEC parameter for the CMAS that manages it to YES. If you decide you do not want security for the MAS, change its SEC parameter to NO. Then stop and restart the CMAS or MAS, as appropriate.
Console, job log, EYULOG
EYU0CRSC
A CMAS was being initialized with both the CICS SIT parameter SEC=YES and the CICSPlex SM system parameter SEC(YES) specified. To ensure proper security checking by CICSPlex SM, the following CICS SIT parameters for a CMAS must all be set to NO:
The external security manager (ESM) resource lists cannot be correctly referenced by both CICS and CICSPlex SM.
CMAS initialization terminates.
If you want to use both CICS and CICSPlex SM security in a CMAS, make sure the XCMD=, XDCT=, XFCT=, XJCT=, XPCT=, and XPPT= CICS SIT parameters are all set to NO. Then restart the CMAS.
Console, job log, EYULOG
EYU0CRIN
A security check has occurred, where:
The CICSPlex SM CMAS system parameter SECLOGMSG must be set to YES or ALL for this message to be issued.
If access to the resource is not permitted by the External Security Manager, the request will fail. Typically the response from an API or WUI request would be NOTPERMIT with a reason of USRID.
None if access is being correctly disallowed. If access is being incorrectly disallowed, use the information in the message to determine what resource is being checked, and why the ESM is not allowing access.
EYULOG
EYU0CRCK
A security rebuild has been requested. This request has not been actioned, as the External Security Manager (ESM) must be used to refresh the security profiles used by the CMAS.
None.
Use the facilities provided by the ESM to refresh the security profiles. For example, RACF users could issue the TSO command:
SETROPTS RACLIST(xxxxxxxx) REFRESH
where xxxxxxxx is the name of the RACF class to refresh.
EYULOG
EYU0CRLT