Page 1 of 1

CICS user defining CESN

PostPosted: Fri Sep 27, 2013 4:38 pm
by poojithas
Hi, I have a strange scenario where in CESN system transaction is overwritten by a user with same name and installs it, this is causing problem as no one is able to login. Please find below CICS log (MSGUSR). What is missing in the log is user id who signed on to CICS; how is this possible ?.

DFHZC6907 I 09/26/2013 21:50:01 CICS Autoinstall starting for netname TCPA0011. Network qualified name is MATE.TCPA0011.
DFHZC6908 I 09/26/2013 21:50:01 CICS Autoinstall in progress for netname TCPA0011. TN3270 IP address is 106.200.202.214:16231.
DFHZC5966 I 09/26/2013 21:50:01 CICS INSTALL started for TERMINAL (  0011) (Module name: DFHBSTZ).
DFHZC6935 I 09/26/2013 21:50:01 CICS Autoinstall for terminal 0011 with netname TCPA0011 using model or template DFHLU0E2
           successful.                                                         
DFHZC3461 I 09/26/2013 21:50:01 CICS 0011 CSNE Node TCPA0011 session started.  ((2) Module name: DFHZOPX) 
NQNAME   0011,CSNE,21:50:01,MATE     TCPA0011                                 
TNADDR   0011,CSNE,21:50:01,106.200.202.214:16231                             
0011     CEDA CICSUSER 09/26/13 21:50:50 DEFINE TRANSACTION(CEDA) GROUP(MATE20) PROGRAM(DFHSIGN) TWASIZE(0) PROFILE(DFHCICST)
                                         STATUS(ENABLED) PRIMEDSIZE(0) TASKDATALOC(BELOW) TASKDATAKEY(USER) STORAGECLEAR(NO)
                                         RUNAWAY(SYSTEM) SHUTDOWN(DISABLED) ISOLATE(YES) DYNAMIC(NO) ROUTABLE(NO) PRIORITY(1)
                                         TCLASS(NO) TRANCLASS(DFHTCL00) DTIMOUT(NO) RESTART(NO) SPURGE(NO) TPURGE(NO) DUMP(YES)
                                         TRACE(YES) CONFDATA(NO) OTSTIMEOUT(NO) ACTION(BACKOUT) WAIT(YES) WAITTIME(0,0,0)
                                         INDOUBT(BACKOUT) RESSEC(NO) CMDSEC(NO) EXTSEC(NO) TRANSEC(1) RSL(0)
0011     CEDA CICSUSER 09/26/13 21:51:07 DEFINE TRANSACTION(CESN) GROUP(MATE20) PROGRAM(DFHSIGN) TWASIZE(0) PROFILE(DFHCICST)
                                         STATUS(ENABLED) PRIMEDSIZE(0) TASKDATALOC(BELOW) TASKDATAKEY(USER) STORAGECLEAR(NO)
                                         RUNAWAY(SYSTEM) SHUTDOWN(DISABLED) ISOLATE(YES) DYNAMIC(NO) ROUTABLE(NO) PRIORITY(1)
                                         TCLASS(NO) TRANCLASS(DFHTCL00) DTIMOUT(NO) RESTART(NO) SPURGE(NO) TPURGE(NO) DUMP(YES)
                                         TRACE(YES) CONFDATA(NO) OTSTIMEOUT(NO) ACTION(BACKOUT) WAIT(YES) WAITTIME(0,0,0)
                                         INDOUBT(BACKOUT) RESSEC(NO) CMDSEC(NO) EXTSEC(NO) TRANSEC(1) RSL(0)
DFHXM0105 09/26/2013 21:51:33 CICS TCPA0011 CICSUSER CEDA TRANSACTION definition entry for CESN has been replaced.
DFHRD0104 09/26/2013 21:51:33 CICS TCPA0011 CICSUSER CEDA INSTALL TRANSACTION(CESN)
0011     CEDA CICSUSER 09/26/13 21:51:33 INSTALL TRANSACTION(CESN) GROUP(MATE20)
DFHZC2410 E 09/26/2013 21:51:37 CICS 0011 CSNE Node Unrecoverable. VTAM LOSTERM Error Code X'14'.  ((1) Module name: DFHZLTX)
DFHZC3437 I 09/26/2013 21:51:37 CICS 0011 CSNE Node TCPA0011 action taken: NOCREATE CLSDST ABTASK ABSEND ABRECV ((1) Module name:
           DFHZNAC)                                                             
DFHZC3462 I 09/26/2013 21:51:37 CICS 0011 CSNE Node TCPA0011 session terminated.  ((2) Module name: DFHZCLS)
NQNAME   0011,CSNE,21:51:37,MATE     TCPA0011                                   
DFHZC5966 I 09/26/2013 21:51:37 CICS DELETE started for TERMINAL (  0011) (Module name: DFHBSTZ).
DFHZC6966 I 09/26/2013 21:51:38 CICS Autoinstall delete for terminal 0011 with netname TCPA0011 was successful.

Re: CICS user defining CESN

PostPosted: Fri Sep 27, 2013 9:21 pm
by dick scherrer
Hello,

Suggest your organization dis-allow ANY user-written transactions from starting with a 'C' .

You might ask your CICS system support if there is another transaction that will do what CESN does. Some places define these in case someone breaks a transaction.

Re: CICS user defining CESN

PostPosted: Fri Sep 27, 2013 9:41 pm
by BillyBoyo
I doubt it has been overwritten, but instead it appears "higher up the search chain".

As Dick has suggested, it is a really, really bad idea to use prefixes which IBM uses.

Re: CICS user defining CESN

PostPosted: Sat Sep 28, 2013 1:52 pm
by poojithas
The problem is solved as Dick suggested, we have blocked transaction starting with 'C' for all users in RACF.
Thank you Dick.

Re: CICS user defining CESN

PostPosted: Mon Sep 30, 2013 6:40 am
by dick scherrer
You're welcome - good to hear you have a solution.

Thank you for letting us know :)

d

Re: CICS user defining CESN

PostPosted: Fri Oct 04, 2013 8:49 pm
by jaggz
Did you run CAT1 and CAT2 security set up for your CICS ?