Startup and shutdown

SAF interface protected VTS

As specified in Table 25, the VTS Agent for an SAF protected VTS, i.e. with RACF_VTS set to Y, can only be started up or shut down by a userid with ALTER or CONTROL access. However, this does not prevent any user with sufficient authorization from canceling the VTS Agent job or task as this action bypasses all tableBASE security checks.

If the startup or shutdown of a VTS with SAF protection is attempted by a user without sufficient authorization, the following SAF error message will be displayed in the JESMSGLG of the VTS Agent task:

ICH408I USER(userid) GROUP(groupname ) NAME(username)
DK1.VTS.lparname.vtsname CL(FACILITY)
INSUFFICIENT ACCESS AUTHORITY
[FROM resource profile (G)]
ACCESS INTENT(CONTROL) ACCESS ALLOWED(access-allowed)
Note:
Parts of the message in square parentheses ([ ]) will only appear if the resource profile for the VTS falls under a generic profile.

The following tableBASE messages will also be displayed for unauthorized VTS startup and shutdown respectively:

DK100608E Not authorized to start VTS resource: DK1.VTS.lparname.vtsname

DK100639E Not authorized to stop VTS resource: DK1.VTS.lparname.vtsname

Hardware key protected VTS

If the TSRACCESS option for a hardware key protected VTS is not set to RO during VTS Agent startup, it will be automatically forced to RO and the following message will be displayed:

DK100710W TSRACCESS forced to RO: TSR_KEY_PROTECT

If STROBEMETHOD for a hardware key protected VTS is not set to 3 (see Strobe reporting) during VTS Agent startup, the VTS Agent task will fail with the following message:

DK100709E StrobeMethod 3 required for VTS with nonzero TSR_KEY_PROTECT