Usage Note 12902: Insufficient access authority when accessing VSAM data set with discrete
profile
In 9.1.2 of the SAS System, you may receive a message similar to the one
below generated in the JES JOBLOG when accessing a VSAM data set with a
discrete profile:
ICH408I USER(userid ) GROUP(group-name) NAME(user-name)
CATALOG.xx CL(DATASET ) VOL(volume-serial)
INSUFFICIENT ACCESS AUTHORITY
ACCESS INTENT(READ ) ACCESS ALLOWED(NONE )
The error written to the SAS Log is:
ERROR: Insufficient authorization to access 'data.set.name'.
New in SAS 9.1.2 is the use of the CSI (Catalog Search Interface) to
obtain the VOLSER of the catalog to pass to RACROUTE for authorization
checking. CSI is a documented interface to retrieve catalog
information, which is faster and more efficient. It is called twice
during the authorization checking for a VSAM file; first to get the
DSNAME of the controlling catalog, and again to get the VOLSER of the
controlling catalog. Then the VOLSER is passed to RACROUTE to determine
if there is sufficient authorization.
Since a RACROUTE request to check authorization is being issued in V8
and above, the insufficient authorization message is legitimate; i.e.
you have no privileges for the resource. To avoid the message, the
system administrator needs to grant an appropriate permission level
(READ) to the controlling catalog via the RACF profile, or if no
permission is granted, restrict access to the resource.
Refer to SAS Note #005145 and #007963 for related information.
Operating System and Release Information
| SAS System | Base SAS | z/OS | 9.1 TS1M2 | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
| Date Modified: | 2004-08-05 10:19:30 |
| Date Created: | 2004-07-22 11:43:26 |
