IBM Mainframe Forum

Mainframe Technical Support Forums

Skip to content


CICS user defining CESN



Support for CICS/ESA, CICS/TS & Transaction Gateway, CICS Configuration Manager and CICS Performance Analyzer
Post a reply

CICS user defining CESN

Postby poojithas » Fri Sep 27, 2013 4:38 pm

Hi, I have a strange scenario where in CESN system transaction is overwritten by a user with same name and installs it, this is causing problem as no one is able to login. Please find below CICS log (MSGUSR). What is missing in the log is user id who signed on to CICS; how is this possible ?.

Select all
DFHZC6907 I 09/26/2013 21:50:01 CICS Autoinstall starting for netname TCPA0011. Network qualified name is MATE.TCPA0011.
DFHZC6908 I 09/26/2013 21:50:01 CICS Autoinstall in progress for netname TCPA0011. TN3270 IP address is 106.200.202.214:16231.
DFHZC5966 I 09/26/2013 21:50:01 CICS INSTALL started for TERMINAL (  0011) (Module name: DFHBSTZ).
DFHZC6935 I 09/26/2013 21:50:01 CICS Autoinstall for terminal 0011 with netname TCPA0011 using model or template DFHLU0E2
           successful.                                                         
DFHZC3461 I 09/26/2013 21:50:01 CICS 0011 CSNE Node TCPA0011 session started.  ((2) Module name: DFHZOPX) 
NQNAME   0011,CSNE,21:50:01,MATE     TCPA0011                                 
TNADDR   0011,CSNE,21:50:01,106.200.202.214:16231                             
0011     CEDA CICSUSER 09/26/13 21:50:50 DEFINE TRANSACTION(CEDA) GROUP(MATE20) PROGRAM(DFHSIGN) TWASIZE(0) PROFILE(DFHCICST)
                                         STATUS(ENABLED) PRIMEDSIZE(0) TASKDATALOC(BELOW) TASKDATAKEY(USER) STORAGECLEAR(NO)
                                         RUNAWAY(SYSTEM) SHUTDOWN(DISABLED) ISOLATE(YES) DYNAMIC(NO) ROUTABLE(NO) PRIORITY(1)
                                         TCLASS(NO) TRANCLASS(DFHTCL00) DTIMOUT(NO) RESTART(NO) SPURGE(NO) TPURGE(NO) DUMP(YES)
                                         TRACE(YES) CONFDATA(NO) OTSTIMEOUT(NO) ACTION(BACKOUT) WAIT(YES) WAITTIME(0,0,0)
                                         INDOUBT(BACKOUT) RESSEC(NO) CMDSEC(NO) EXTSEC(NO) TRANSEC(1) RSL(0)
0011     CEDA CICSUSER 09/26/13 21:51:07 DEFINE TRANSACTION(CESN) GROUP(MATE20) PROGRAM(DFHSIGN) TWASIZE(0) PROFILE(DFHCICST)
                                         STATUS(ENABLED) PRIMEDSIZE(0) TASKDATALOC(BELOW) TASKDATAKEY(USER) STORAGECLEAR(NO)
                                         RUNAWAY(SYSTEM) SHUTDOWN(DISABLED) ISOLATE(YES) DYNAMIC(NO) ROUTABLE(NO) PRIORITY(1)
                                         TCLASS(NO) TRANCLASS(DFHTCL00) DTIMOUT(NO) RESTART(NO) SPURGE(NO) TPURGE(NO) DUMP(YES)
                                         TRACE(YES) CONFDATA(NO) OTSTIMEOUT(NO) ACTION(BACKOUT) WAIT(YES) WAITTIME(0,0,0)
                                         INDOUBT(BACKOUT) RESSEC(NO) CMDSEC(NO) EXTSEC(NO) TRANSEC(1) RSL(0)
DFHXM0105 09/26/2013 21:51:33 CICS TCPA0011 CICSUSER CEDA TRANSACTION definition entry for CESN has been replaced.
DFHRD0104 09/26/2013 21:51:33 CICS TCPA0011 CICSUSER CEDA INSTALL TRANSACTION(CESN)
0011     CEDA CICSUSER 09/26/13 21:51:33 INSTALL TRANSACTION(CESN) GROUP(MATE20)
DFHZC2410 E 09/26/2013 21:51:37 CICS 0011 CSNE Node Unrecoverable. VTAM LOSTERM Error Code X'14'.  ((1) Module name: DFHZLTX)
DFHZC3437 I 09/26/2013 21:51:37 CICS 0011 CSNE Node TCPA0011 action taken: NOCREATE CLSDST ABTASK ABSEND ABRECV ((1) Module name:
           DFHZNAC)                                                             
DFHZC3462 I 09/26/2013 21:51:37 CICS 0011 CSNE Node TCPA0011 session terminated.  ((2) Module name: DFHZCLS)
NQNAME   0011,CSNE,21:51:37,MATE     TCPA0011                                   
DFHZC5966 I 09/26/2013 21:51:37 CICS DELETE started for TERMINAL (  0011) (Module name: DFHBSTZ).
DFHZC6966 I 09/26/2013 21:51:38 CICS Autoinstall delete for terminal 0011 with netname TCPA0011 was successful.
poojithas
 
Posts: 22
Joined: Sun May 05, 2013 7:11 am
Has thanked: 0 time
Been thanked: 0 time
Top

Re: CICS user defining CESN

Postby dick scherrer » Fri Sep 27, 2013 9:21 pm

Hello,

Suggest your organization dis-allow ANY user-written transactions from starting with a 'C' .

You might ask your CICS system support if there is another transaction that will do what CESN does. Some places define these in case someone breaks a transaction.
Hope this helps,
d.sch.
User avatar
dick scherrer
Global moderator
 
Posts: 6268
Joined: Sat Jun 09, 2007 8:58 am
Has thanked: 3 times
Been thanked: 93 times
Top

Re: CICS user defining CESN

Postby BillyBoyo » Fri Sep 27, 2013 9:41 pm

I doubt it has been overwritten, but instead it appears "higher up the search chain".

As Dick has suggested, it is a really, really bad idea to use prefixes which IBM uses.
BillyBoyo
Global moderator
 
Posts: 3804
Joined: Tue Jan 25, 2011 12:02 am
Has thanked: 22 times
Been thanked: 265 times
Top

Re: CICS user defining CESN

Postby poojithas » Sat Sep 28, 2013 1:52 pm

The problem is solved as Dick suggested, we have blocked transaction starting with 'C' for all users in RACF.
Thank you Dick.
poojithas
 
Posts: 22
Joined: Sun May 05, 2013 7:11 am
Has thanked: 0 time
Been thanked: 0 time
Top

Re: CICS user defining CESN

Postby dick scherrer » Mon Sep 30, 2013 6:40 am

You're welcome - good to hear you have a solution.

Thank you for letting us know :)

d
User avatar
dick scherrer
Global moderator
 
Posts: 6268
Joined: Sat Jun 09, 2007 8:58 am
Has thanked: 3 times
Been thanked: 93 times
Top

Re: CICS user defining CESN

Postby jaggz » Fri Oct 04, 2013 8:49 pm

Did you run CAT1 and CAT2 security set up for your CICS ?
User avatar
jaggz
 
Posts: 356
Joined: Fri Jul 23, 2010 8:51 pm
Has thanked: 8 times
Been thanked: 5 times
Top
Post a reply

Return to CICS

 


  • Related topics
    Replies
    Views
    Last post
Forum Rules|FAQ|Subscriptions|Bookmarks