DFHXSxxxx messages

DFHXS0001
applid An abend (code aaa/bbbb) has occurred at offset X'offset' in module modname.
Explanation:

An abnormal end (abend) or program check has occurred in module modname. This implies that there may be an error in the CICS code. Alternatively, unexpected data has been input, or storage has been overwritten.

The code aaa/bbbb is a 3-digit hexadecimal MVS code (if applicable), followed by a 4-digit alphanumeric CICS code. The MVS code is a system completion code (for example, 0C1 or D37). If an MVS code is not applicable, this field is filled with three hyphens. The CICS code is an abend code or a number referring to a CICS message (for example, AKEA is a CICS abend code; 1310 refers to message DFHTS1310).

System action:

An exception entry is made in the trace table. A system dump is taken, unless you have specifically suppressed dumps in the dump table.

CICS continues unless you have specified in the dump table that CICS should terminate. If appropriate, an error return code is sent to the caller of this domain. In this case CICS could be terminated by the caller ( for example, the domain manager, DFHDMDM). A message is issued to this effect.

Message DFHME0116 is normally produced containing the symptom string for this problem.

User response:

Notify the system programmer. If CICS is still running, it is necessary to decide whether to terminate CICS.

Look up the MVS code, if there is one, in the relevant MVS codes manual which is detailed in the book list in the front of this manual.

Next, look up the CICS alphanumeric code in this manual. This tells you, for example, whether the error was a program check, an abend, or a runaway, and may give you some guidance concerning user response.

If module modname is not crucial to the running of your CICS system, you may decide to continue to run and bring CICS down at a convenient time to resolve the problem.

If you cannot run without the full use of module modname you should bring CICS down in a controlled shutdown.

You need further assistance from IBM to resolve this problem. See CICS® Problem Determination Guide for guidance on how to proceed.

Destination:

Console

Modules:

DFHXSAD, DFHXSCL, DFHXSDM, DFHXSFL, DFHXSIS, DFHXSLU, DFHXSPW, DFHXSRC, DFHXSST, DFHXSXM

XMEOUT Parameters: applid, aaa/bbbb, X'offset', modname

DFHXS0002
applid A severe error (code X'code') has occurred in module modname.
Explanation:

An error has been detected in module modname. The code X'code' is the exception trace point id which uniquely identifies what the error is and where the error was detected.

System action:

An exception entry (code X'code' in the message) is made in the trace table. A system dump is taken, unless you have specifically suppressed dumps in the dump table.

CICS continues unless you have specified in the dump table that CICS should terminate. If appropriate, an error return code is sent to the caller of this domain. In this case, CICS could be terminated by the caller (for example, the domain manager, DFHDMDM). A message is issued to this effect.

Message DFHME0116 is normally produced containing the symptom string for this problem.

User response:

This indicates a possible error in CICS code. The severity of its impact depends on the importance of the function being executed at the time of the error.

CICS may not have been terminated. If the message occurs once and module modname is not crucial to the running of your CICS system, you may decide to continue to run and bring CICS down at a convenient time to resolve the problem.

If the message recurs or if you cannot run without the full use of module modname, you should bring CICS down in a controlled shutdown.

You need further assistance from IBM to resolve this problem. See CICS Problem Determination Guide for guidance on how to proceed.

Destination:

Console

Modules:

DFHXSAD, DFHXSCL, DFHXSDM, DFHXSFL, DFHXSIS, DFHXSLU, DFHXSPW, DFHXSRC, DFHXSST, DFHXSXM

XMEOUT Parameters: applid, X'code',modname

DFHXS0004
applid A possible loop has been detected at offset X'offset' in module modname.
Explanation:

A CICS function is taking more time to process than CICS expects. A possible loop has been detected in module modname at offset X'offset'. This is the offset of the instruction which was executing at the time the error was detected.

System action:

An exception entry is made in the trace table. A system dump is taken, unless you have specifically suppressed dumps in the dump table.

CICS continues unless you have specified in the dump table that CICS should terminate. If appropriate, an error return code is sent to the caller of this domain. In this case CICS could be terminated by the caller ( for example, the domain manager, DFHDMDM). A message is issued to this effect.

Message DFHME0116 is normally produced containing the symptom string for this problem.

User response:

Notify the system programmer. If CICS has not been terminated, it is necessary to decide whether the problem is serious enough to bring CICS down.

Since some CICS functions can use a lot of processor time, this message may have been caused by a long-running function. So there may not be an error here. Usually, CICS purges a CICS function which exceeds the runaway task time interval which you have specified in the SIT (this is the ICVR which is measured in milliseconds). This means that module modname in the message is terminated and CICS continues.

But if you have declared ICVR=0 in the SIT and you consider that module modname has gone into a loop, you have to terminate CICS in order to terminate the runaway function.

If CICS has terminated module modname, and you consider that it was not a runaway, you should increase the ICVR time interval in the SIT. You have to bring CICS down at a suitable time to do this permanently. But you can change the ICVR time interval temporarily online, using the CEMT transaction.

If raising the ICVR time does not solve the problem, you will need further assistance from IBM. See CICS Problem Determination Guide for guidance on how to proceed.

Destination:

Console

Modules:

DFHXSAD, DFHXSCL, DFHXSDM, DFHXSFL, DFHXSIS, DFHXSLU, DFHXSPW, DFHXSRC, DFHXSST, DFHXSXM

XMEOUT Parameters: applid, X'offset', modname

DFHXS0006
applid Insufficient storage to satisfy Getmain (code X'code') in module modname. MVS code mvscode.
Explanation:

An MVS GETMAIN was issued by module modname, but there was insufficient storage available to satisfy the request.

The code X'code' is the exception trace point ID which uniquely identifies the place where the error was detected.

The code mvscode is the MVS GETMAIN return code.

System action:

An exception entry is made in the trace table (code X'code'). A system dump is taken, unless you have specifically suppressed dumps in the dump table.

CICS continues unless you have specified in the dump table that CICS should terminate.

If appropriate, an error return code is sent to the caller of this domain. In this case, CICS could be terminated by the caller (for example, the domain manager, DFHDMDM). A message is issued to this effect.

Message DFHME0116 is normally produced containing the symptom string for this problem.

User response:

If CICS has been terminated by another module, look out for the relevant termination messages (from, for example, the domain manager), and look up the user response suggested for these messages.

If CICS is still running, the problem may be a temporary one which rights itself if more storage becomes available. If you can manage without module modname, you may decide to continue and bring CICS down at a convenient time to resolve the problem. If the message recurs or if you cannot run without the full use of all CICS modules, you should bring CICS down in a controlled shutdown.

You can get diagnostic information about the MVS return code by consulting the relevant MVS codes manual which is listed in the book list at the front of this book.

Try decreasing the size limits of the DSAs or EDSAs. Or, try increasing the size of the whole region, if it is not already at maximum size. See the CICS System Definition Guide or the CICS Performance Guide for further information on CICS storage.

Destination:

Console

Modules:

DFHXSAD, DFHXSCL, DFHXSDM, DFHXSFL, DFHXSIS, DFHXSLU, DFHXSPW, DFHXSRC, DFHXSST, DFHXSXM

XMEOUT Parameters: applid, X'code',modname, mvscode

DFHXS0200I
date time applid External security initialization has been successfully tracked.
Explanation:

An external security initialization performed on an active CICS system (via CEMT PERFORM SECURITY, or EXEC CICS SECURITY REBUILD) has been tracked to the XRF alternate system, and has completed successfully.

System action:

None.

User response:

None. You can suppress this message with the system initialization parameter, MSGLVL=0.

Destination:

Console

Modules:

DFHXSWM

XMEOUT Parameters: date, time,applid

DFHXS0201I
date time applid External security initialization has been tracked, and has failed with return code X'xx' and reason code X'yy'.
Explanation:

An external security initialization was performed on an active CICS system by use of a CEMT PERFORM SECURITY, or EXEC CICS SECURITY REBUILD.

The external security initialization has been tracked to the XRF alternate system, but has failed with return code xx and reason code yy.

xx and yy are the values placed in registers 15 and 0 by the external security manager.

System action:

CICS provides a system dump of the XRF alternate system, and continues tracking security initializations.

Message DFHME0116 is normally produced containing the symptom string for this problem.

User response:

The security characteristics of the alternate system no longer match those of the active system. Either shut down the alternate system, perform a security rebuild at takeover, or accept the difference.

Use the return codes in the message, to determine why the security initialization failed.

If the codes are invalid, you will need further assistance from IBM. See CICS Problem Determination Guide for guidance on how to proceed.

Destination:

Console

Modules:

DFHXSWM

XMEOUT Parameters: date, time,applid, X'xx', X'yy'

DFHXS0202
date time applid An attempt to track external security initialization has failed, tracking data could not be sent.
Explanation:

An external security initialization was performed on an active CICS system (via CEMT PERFORM SECURITY, or EXEC CICS SECURITY REBUILD).

It has not been tracked to an alternate system because the tracking data could not be sent.

System action:

CICS provides a system dump of the active, and continues tracking security initializations.

Message DFHME0116 is normally produced containing the symptom string for this problem.

User response:

The security characteristics of the alternate will no longer match those of the active. Either shut down the alternate, perform a security rebuild at takeover, or accept the difference.

Destination:

CSCS

Modules:

DFHXSWM

XMEOUT Parameters: date, time,applid

DFHXS0203
date time applid An attempt to track external security initialization has failed, tracking data could not be received.
Explanation:

An external security initialization was performed on an active CICS system (via CEMT PERFORM SECURITY, or EXEC CICS SECURITY REBUILD).

The external security initialization has not been tracked to an alternate system because the tracking data could not be received.

Message DFHME0116 is normally produced containing the symptom string for this problem.

System action:

CICS provides a system dump of the alternate system, and ceases to track the security initializations.

User response:

The security characteristics of the alternate system no longer match those of the active system. Either shut down the alternate system, perform a security rebuild at takeover, or accept the difference.

Destination:

CSCS

Modules:

DFHXSWM

XMEOUT Parameters: date, time,applid

DFHXS0204
date time applid An attempt to track external security initialization has failed, tracking data was corrupted.
Explanation:

An external security initialization was performed on an active CICS system (via CEMT PERFORM SECURITY, or EXEC CICS SECURITY REBUILD).

It has been tracked to an alternate system but the tracking data was corrupted in transit.

System action:

CICS provides a system dump of the alternate systems, and ceases to track the security initializations.

Message DFHME0116 is normally produced containing the symptom string for this problem.

User response:

The security characteristics of the alternate system no longer match those of the active system. Either shut down the alternate system, perform a security rebuild at takeover, or accept the difference.

Destination:

CSCS

Modules:

DFHXSWM

XMEOUT Parameters: date, time,applid

DFHXS1100I
applid Security initialization has started.
Explanation:

This is an informational message indicating that security domain initialization has started.

System action:

System initialization continues.

User response:

None.

This message can be suppressed with the system initialization parameter MSGLVL=0.

Destination:

Console

Modules:

DFHXSDM

XMEOUT Parameter: applid

DFHXS1101I
applid Security initialization has ended.
Explanation:

This is an informational message indicating that security domain initialization has completed successfully.

System action:

System initialization continues.

User response:

None.

This message can be suppressed with the system initialization parameter MSGLVL=0.

Destination:

Console

Modules:

DFHXSDM

XMEOUT Parameter: applid

DFHXS1102I
applid Security is inactive.
Explanation:

This is an informational message indicating that security is not active.

System action:

System initialization continues.

User response:

None.

This message can be suppressed with the system initialization parameter MSGLVL=0.

Destination:

Console

Modules:

DFHXSDM

XMEOUT Parameter: applid

DFHXS1103I
applid Default security for userid dfltuser has been established.
Explanation:

CICS has established a security environment for the default userid dfltuser.

System action:

The authorities that are assigned to this userid by the external security manager will be used in CICS resource checks whenever no other userid has been established.

User response:

None.

Destination:

Console Routecodes 2, 9 and 11

Modules:

DFHXSDM

XMEOUT Parameters: applid, dfltuser

DFHXS1104
applid Default security could not be established for userid dfltuser. The security domain cannot continue, so CICS is terminated. SAF codes are (X'safresp',X'safreas'). ESM codes are (X'esmresp',X'esmreas').
Explanation:

CICS could not establish a security environment for the default userid dfltuser. The security domain cannot continue without a default user. The response and reason codes (safresp and safreas) returned by the system authorization facility (SAF), and the response and reason codes (esmresp and esmreas) returned by the external security manager (ESM) are those issued by the RACROUTE REQUEST=VERIFY macro.

System action:

CICS terminates.

User response:

Use the external security manager codes to determine why the RACROUTE REQUEST=VERIFY operation failed. Then, either correct the errors for the failing default user and restart CICS, or restart CICS with a different default userid.

Destination:

Console Routecodes 2, 9, 10 and 11

Modules:

DFHXSDM

XMEOUT Parameters: applid, dfltuser, X'safresp', X'safreas', X'esmresp',X'esmreas'

DFHXS1105
applid Resource profiles for class classname have been built.
Explanation:

The security resource profiles for the class classname have been successfully loaded into storage by the external security manager.

System action:

The profiles are used in subsequent resource checks to determine users’ authorizations to access resources in the named class.

User response:

None.

Destination:

Console Routecodes 2, 9, 10 and 11

Modules:

DFHXSRC

XMEOUT Parameters: applid, classname

DFHXS1106
applid Resource profiles could not be built for class classname. CICS is terminated. SAF codes are (X'safresp',X'safreas'). ESM codes are (X'esmresp',X'esmreas').
Explanation:

The security resource profiles for the class classname could not be loaded into storage by the external security manager. The response and reason codes (safresp and safreas) returned by the system authorization facility (SAF), and the response and reason codes (esmresp and esmreas) returned by the external security manager (ESM) are those issued by the RACROUTE REQUEST=LIST macro.

The build of the profiles was requested by one of the following:

System action:

CICS is unable to provide reliable resource security, so it terminates.

User response:

Use the external security manager codes to determine why the RACROUTE REQUEST=LIST operation failed. Rectify the problem in the external security manager, then restart CICS.

Destination:

Console Routecodes 2, 9, 10 and 11

Modules:

DFHXSRC

XMEOUT Parameters: applid, classname, X'safresp', X'safreas', X'esmresp', X'esmreas'

DFHXS1107
applid Partner-LU profiles for class APPCLU have been built.
Explanation:

The partner-LU profiles for the class APPCLU have been successfully loaded into storage by the external security manager.

System action:

The profiles are used in subsequent bind authorization checks for LU6.2 sessions whose CONNECTION definition specifies BINDSECURITY(YES).

User response:

None.

Destination:

Console Routecodes 2, 9, 10 and 11

Modules:

DFHXSRC

XMEOUT Parameter: applid

DFHXS1108
applid Partner-LU profiles could not be built for class APPCLU. SAF codes are (X'safresp',X'safreas'). ESM codes are (X'esmresp',X'esmreas').
Explanation:

The partner-LU profiles for the class APPCLU could not be loaded into storage by the external security manager. CICS therefore has no APPCLU security profiles. The response and reason codes (safresp and safreas) returned by the system authorization facility (SAF), and the response and reason codes (esmresp and esmreas) returned by the external security manager (ESM) are those issued by the RACROUTE REQUEST=LIST macro.

The build of the profiles was requested by one of the following:

System action:

If the failure occurs during CICS initialization or PERFORM SECURITY REBUILD, CICS terminates. If the failure occurs during SET VTAM OPEN, the VTAM ACB is closed and CICS continues.

User response:

Use the external security manager codes to determine why the RACROUTE REQUEST=LIST operation failed. Rectify the problem in the external security manager, then restart CICS.

Destination:

Console Routecodes 2, 9, 10 and 11

Modules:

DFHXSIS, DFHXSRC

XMEOUT Parameters: applid, X'safresp', X'safreas', X'esmresp', X'esmreas'

DFHXS1109
applid APPC PROFILE profile COULD NOT BE AUDITED. SAF CODES ARE (X'safresp',X'safreas'). ESM CODES ARE (X'esmresp',X'esmreas').
Explanation:

An audit request for a partner-LU verification check has failed for profile profile.

During the start-up of an APPC session, each partner can validate the other. During this validation process, the system:

The following events are audited:

The response and reason codes (safresp and safreas) returned by the system authorization facility (SAF), and the response and reason codes (esmresp and esmreas) returned by the external security manager (ESM) are those issued by the RACROUTE REQUEST=AUDIT macro.

System action:

The CICS system is not affected by this event, and CICS continues.

User response:

Use the external security manager codes to determine why the RACROUTE REQUEST=AUDIT operation failed. Correct the problem in the external security manager, then perform a security rebuild, if appropriate.

Note:
This message cannot be changed with the message editing utility.
Destination:

Console Routecode 9

Modules:

DFHXSSB

DFHXS1110
applid Security is requested, but the external security manager is inactive.
Explanation:

Security was requested for this region, but the external security manager (ESM) was found to be inactive. The SEC system initialization parameter was specified as YES or left as its default value. CICS cannot initialize its security manager unless the ESM is active.

System action:

CICS terminates.

User response:

If you have an ESM installed on your system, ensure that it is active before attempting to start CICS. Otherwise, restart CICS without security by specifying SEC=NO as a system initialization parameter. Note that the SEC parameter cannot be entered as a console override.

Destination:

Console Routecodes 1, 9, 10 and 11

Modules:

DFHXSIS

XMEOUT Parameter: applid

DFHXS1111
date time applid tranid Security violation by user userid{ at netname | at console } portname for resource resource in class classname. SAF codes are (X'safresp',X'safreas'). ESM codes are (X'esmresp',X'esmreas').
Explanation:

CICS has detected a security violation by user userid while performing an authority check for resource resource in resource class classname.

If the userid causing the violation is signed on at a VTAM terminal, the phrase "at netname portname" reports the netname at which the violation occurred. If the userid causing the violation is signed on at a console, the phrase "at console portname" reports the console name at which the violation occurred. If the userid causing the violation is not signed on or this is a non terminal task, the entry port does not appear in this message as it is not available.

The response and reason codes (safresp and safreas) returned by the system authorization facility (SAF), and the response and reason codes (esmresp and esmreas) returned by the external security manager (ESM) are those issued by the RACROUTE REQUEST=FASTAUTH or RACROUTE REQUEST=AUTH macros. These return codes are described in the OS/390 MVS Programming: Authorized Assembler Services Guide and in External Security Interface (RACROUTE) Macro Reference for MVS and VM .

CICS can also issue this message when you use the EXEC CICS QUERY SECURITY command with the LOGMESSAGE(LOG) option.

System action:

CICS abnormally terminates the task requesting the invalid access except under one of the following conditions:

User response:

Note the security violation.

Destination:

CSCS

Modules:

DFHXSRC

XMEOUT Parameters: date, time,applid, tranid, userid, {1= at netname , 2= at console }, portname, resource, classname, X'safresp', X'safreas', X'esmresp', X'esmreas'

DFHXS1112
applid The CICS region userid and groupid could not be determined. SAF codes are (X'safresp',X'safreas'). ESM codes are (X'esmresp',X'esmreas').
Explanation:

CICS could not determine the userid and groupid for this CICS region.

The response and reason codes (safresp and safreas) returned by the system authorization facility (SAF), and the response and reason codes (esmresp and esmreas) returned by the external security manager (ESM) are those issued by the RACROUTE REQUEST=EXTRACT macro.

System action:

An exception entry is made in the trace table. A system dump is taken, unless you have specifically suppressed dumps in the dump table.

User response:

Use the external security manager codes to determine why the RACROUTE REQUEST=EXTRACT operation failed. Then, either correct the errors for the failing region userid and groupid, and restart CICS, or restart CICS with a different userid and groupid.

Destination:

Console Routecodes 2, 9, 10 and 11

Modules:

DFHXSIS

XMEOUT Parameters: applid, X'safresp', X'safreas', X'esmresp', X'esmreas'

DFHXS1113
applid The region userid cannot access system transaction tranid. CICS will terminate. SAF codes are (X'safresp',X'safreas'). ESM codes are (X'esmresp',X'esmreas').
Explanation:

The region userid for this CICS system is not authorized to attach the system transaction tranid. It is a CICS requirement that the region userid must be able to access this transaction.

The response and reason codes (safresp and safreas) returned by the system authorization facility (SAF), and the response and reason codes (esmresp and esmreas) returned by the external security manager (ESM) are those issued by the RACROUTE REQUEST=FASTAUTH or AUTH macro.

System action:

CICS terminates.

User response:

Authorize the CICS region userid to access all the required CICS system transactions, or specify a different region userid that does have the required authority. (The required transactions are documented as the ‘Category 1’ transactions in the CICS RACF® Security Guide. To authorize the region userid to use these transactions, you should execute the sample clist DFH$CAT1, as described in the CICS Transaction Server for z/OS® Installation Guide.)

Then restart CICS.

Destination:

Console Routecodes 2, 9, 10 and 11

Modules:

DFHXSRC

XMEOUT Parameters: applid, tranid,X'safresp', X'safreas', X'esmresp',X'esmreas'

Start of changeDFHXS1114I IEnd of change
Start of changedate time applid User userid is not authorized to invoke method methodName(signature) from bean beanName in CORBAServer corbaServer.End of change
Start of change
Explanation:

The user is not authorized to invoke the named method. The userid is not authorized to use any of the roles specified in the <method-permission> section of the deployment descriptor for this method.

End of change
Start of change
System action:

CICS does not execute the specified method. CICS also issues message DFHXS1115 to the system console, which contains further information about the roles to which access is required.

End of change
Start of change
User response:

Determine whether the user userid should be authorized to execute the specified method, and if so, grant the user appropriate permission.

End of change
Start of change
Destination:

CSCS

End of change
Modules:

Start of changeDFHXSEJEnd of change

Start of changeXMEOUT Parameters:End of changeStart of change End of changeStart of changedate, End of changeStart of changetime,End of changeStart of changeapplid, End of changeStart of changeuserid, End of changeStart of changemethodName(signature), End of changeStart of changebeanName, End of changeStart of changecorbaServerEnd of change

Start of changeDFHXS1115End of change
Start of changeapplid USER userid IS NOT AUTHORIZED TO INVOKE {HOME | REMOTE} METHOD method-name FROM BEAN bean-name {FOR APPLICATION application-name} IN CORBASERVER cs-name. USER HAS NO ACCESS TO ANY OF THESE ROLES {FOR METHOD(*)}: role-name-listEnd of change
Start of change
Explanation:

The user userid is not authorized to invoke the method named method-name within the Enterprise Java Bean named bean_name, which is deployed in the Corbaserver named cs-name. If the optional text "FOR APPLICATION application-name" appears in the message, the JAR containing the bean is identified in the deployment descriptor by a <display-name> tag containing application-name.

The user is not authorized to invoke the method because userid does not have READ access to at least one of the roles specified in the <method-permission> section of the deployment descriptor. These roles are listed in role-name-list (which may be empty).

If the optional text "FOR METHOD(*)" appears in the message, the roles in role-name-list apply to the generic method (*), because there are no specific role definitions for method-name in the deployment descriptor.

End of change
Start of change
System action:

CICS does not execute the specified method, and writes a type 80 SMF record to record the violation.

End of change
Start of change
User response:

Determine whether the user userid should be authorized to execute the specified method, and if so, grant the userid READ access to one of the roles named in role-name-list, or add new roles to the deployment descriptor and re-install the DJAR.

Note:
This message cannot be changed with the message editing utility.
End of change
Start of change
Destination:

Console Routecode 9

End of change
Modules:

Start of changeDFHXSSFEnd of change

DFHXS1201
date time applid The password supplied in the verification request for userid userid was invalid. This occurred in transaction tranid when userid userid was signed on at netname netname.
Explanation:

An invalid password was supplied for user verification.

System action:

The external security manager also issues a message on the MVS/ESA security console.

CICS continues. No dump is taken.

User response:

Supply the correct password, or contact your security administrator for assistance. If you continue to supply incorrect passwords, the userid may be revoked by the external security manager. A revoked userid can only be reinstated by a security administrator.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, userid, netname

DFHXS1202
date time applid The password supplied in the verification request for userid userid has expired. This occurred in transaction tranid when userid userid was signed on at netname netname.
Explanation:

An expired password was supplied for user verification.

System action:

CICS continues. No dump is taken.

User response:

Change the password using the CICS signon process, the EXEC CICS CHANGE PASSWORD API, or any other method available to you. Alternatively, contact your security administrator for assistance.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, userid, netname

DFHXS1203
date time applid The userid supplied in the verification request for userid userid is revoked. This occurred in transaction tranid when userid userid was signed on at netname netname.
Explanation:

A revoked userid was supplied for user verification.

System action:

CICS continues. No dump is taken.

User response:

Contact your security administrator for assistance.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, userid, netname

DFHXS1205
date time applid The userid userid supplied in a verification request is not defined in the ESM. This occurred in transaction tranid at netname netname.
Explanation:

An undefined userid was supplied for user verification.

System action:

CICS continues. No dump is taken.

User response:

Contact your security administrator for assistance.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, netname

DFHXS1211
date time applid The password supplied in a change password request for userid userid was invalid. This occurred in transaction tranid when userid userid was signed on at netname netname.
Explanation:

An invalid password was supplied for change password processing.

System action:

The external security manager also issues a message on the MVS security console.

CICS continues. No dump is taken.

User response:

Supply the correct password or contact your security administrator for assistance. If you continue to supply incorrect passwords, the userid may be revoked by the external security manager. A revoked userid can only be reinstated by a security administrator.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, userid, netname

DFHXS1213
date time applid The userid supplied in a change password request for userid userid is revoked. This occurred in transaction tranid when userid userid was signed on at netname netname.
Explanation:

A revoked userid was supplied on a password change request

System action:

CICS continues. No dump is taken.

User response:

You should have the userid reinstated before it can be used. Contact your security administrator for assistance.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, userid, netname

DFHXS1214
date time applid The new password supplied in a change password request for userid userid was not accepted. This occurred in transaction tranid when userid userid was signed on at netname netname.
Explanation:

An invalid new password was supplied on a password change request.

System action:

CICS continues. No dump is taken.

User response:

Select a suitable new password and try again. If necessary, contact your security administrator for assistance.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, userid, netname

DFHXS1215
date time applid The userid userid supplied in a change password request is not defined in the ESM. This occurred in transaction tranid at netname netname.
Explanation:

An undefined userid was supplied on a password change request

System action:

CICS continues. No dump is taken.

User response:

Contact your security administrator for assistance.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, netname

DFHXS1216
date time applid The userid userid supplied in a change password request has a revoked connection to the default group in the ESM. This occurred in transaction tranid at netname netname.
Explanation:

The userid supplied on a password change request is revoked in the ESM connection to the default group.

System action:

CICS continues. No dump is taken.

User response:

Contact your security administrator for assistance.

Destination:

CSCS

Modules:

DFHXSPW

XMEOUT Parameters: date, time,applid, userid, tranid, netname

Start of changeDFHXS1217End of change
Start of changedate time applid A client certificate has been successfully registered for user userid.End of change
Start of change
Explanation:

A client using the client authentication protocol of Secure Sockets Layer has presented a valid X.509 client certificate and a valid userid and password. CICS has successfully registered the certificate with the specified userid userid..

End of change
Start of change
System action:

The certificate is permanently associated with userid userid in the external security manager's database.

End of change
Start of change
User response:

Whenever the client certificate is used again, userid userid will be assigned to it without further prompting for a userid and password.

End of change
Start of change
Destination:

CSCS

End of change
Modules:

Start of changeDFHXSPWEnd of change

Start of changeXMEOUT Parameters:End of changeStart of change End of changeStart of changedate, End of changeStart of changetime,End of changeStart of changeapplid, End of changeStart of changeuseridEnd of change

Start of changeDFHXS1218End of change
Start of changeapplid The CICS region userid userid is not authorized to access key ring keyring.End of change
Start of change
Explanation:

The KEYRING system initialization parameter has been used to specify a key ring named keyring, but the CICS region userid (userid) does not have sufficient authority to access it.

End of change
Start of change
System action:

If the PARMERR=ABEND system initialization parameter is specified, CICS initialization terminates.

If the PARMERR=IGNORE system initialization parameter is specified, CICS initialization continues without a key ring. CICS does not initialize support for secure sockets layer, is not able to install TCPIPSERVICEs that specify SSL(YES) or SSL(CLIENTAUTH), or CORBASERVERs that specify CERTIFICATE.

If the PARMERR=INTERACT system initialization parameter is specified, you are prompted to enter a new key ring name, but you can only reply with a blank name, which causes CICS to continue initialization without a key ring.

End of change
Start of change
User response:

If CICS is to use the secure sockets layer, the CICS region userid must be given READ access to the IRR.DIGTCERT.LIST and IRR.DIGTCERT.LISTRING resources in the FACILITY class. For further information, see the CICS RACF Security Guide.

End of change
Start of change
Destination:

Console Routecodes 2, 9, 10 and 11

End of change
Modules:

Start of changeDFHXSISEnd of change

Start of changeXMEOUT Parameters:End of changeStart of change End of changeStart of changeapplid, End of changeStart of changeuserid,End of changeStart of changekeyringEnd of change

[[ Contents Previous Page | Next Page Index ]]