If RACF can find neither a specific nor generic profile, it returns a "no profile found" condition. CICS treats this return code exactly the same as the "user not authorized" return code, and returns the NOTAUTH condition to the CICS application program. If RACF cannot find the APPL class, it returns a "READ access intent" condition.
RDEFINE DCICSDCT * UACC(NONE)
prevents access to any transient data
queue not covered by any of the other profiles defined to RACF, and results
in RACF writing an SMF record.RDEFINE FCICSFCT * UACC(READ)
If you are using generic profiles, ensure that generic profile checking has been activated for the CICS RACF resource classes (both the IBM®-supplied classes and any installation-defined classes added to the RACF class descriptor table) by issuing a SETROPTS GENERIC(classname) command for any one of the CICS classes having the same POSIT value. This ensures generic checking for all other CICS classes with the same POSIT value. If you change a generic profile, you must issue a SETROPTS GENERIC(classname) REFRESH command. For more information about POSIT values and defining generic classes, see the z/OS Security Server RACF System Programmer's Guide.