SEFM* - ADASAF SAF Interface and SAF Security Kernel Messages

ADASAF displays an eight-byte code containing various return codes from SAF. This information is shown in a number of messages denoted ssssssss.

The ADASAF return code "ssssssss" contains the following structure:

Position Information Content
Byte: 1 SAF return code
Byte: 2
Function code. ADASAF internal function codes (hex) include:
04 Authorize Adabas access
44 or 6C Authenticate user
Byte: 3 Return code from security system, for example RACF
Byte: 4 Reason code from security system, for example RACF
Bytes: 5 - 8 SAF reason code

Refer to the IBM manual External Security Interface (RACROUTE) Macro Reference manual for z/OS for a thorough explanation of all possible return/reason codes. CA-Top Secret and CA-ACF2 can provide different return code values in some circumstances.

The following message groups are described:


Messages Displayed on the Operator Console and System Message Data Sets (SEFM001 - SEFM255)

The following messages are displayed on the operator console and system message datasets. The messages may be issued by the SAF Security Kernel component (in a daemon, an Adabas nucleus or an Entire Net-Work node) or by another product into which SAF Security is installed, such as Natural or Entire Broker.

Meldungen im Überblick

BLS0334 | SEFM001 | SEFM002 | SEFM004 | SEFM006 | SEFM008 | SEFM009 | SEFM013 | SEFM014 | SEFM015 | SEFM016 | SEFM017 | SEFM020 | SEFM021 | SEFM025 | SEFM026 | SEFM028 | SEFM029 | SEFM030 | SEFM031 | SEFM041 | SEFM049 | SEFM050 | SEFM051 | SEFM205 | SEFM210 | SEFM255
BLS0334 SYMBOL 'NETSAF' CANNOT BE FOUND. LOADING ABORTED
Erläuterung

This message should be ignored.


SEFM001 ssssssss : user : resource
Erläuterung

The security system determined that the user identified in the message ( user) does not have authorization for the resource listed in the message (resource). System return and reason codes are given in the hexadecimal string ssssssss. This message is displayed when access has been denied to a particular resource.


SEFM002 *XX to request FF : user : resource
Erläuterung

An unexpected response code (XX) was received from the SAF Security Kernel for the user identified in the message (user) when requesting function FF to be performed on the resource specified in the message (resource).


SEFM004 *Natural programs not extracted
Erläuterung

The SAF Security Kernel was not able to extract a list of protected program objects from the security system on behalf of Natural users.

Empfohlene Handlung

Obtain a trace of SAF call RACROUTE EXTRACT from the security system and contact your Software AG technical support representative. ACF2 and Top Secret users should ensure that the protected programs have been extracted from the security system and supplied to the SAF Security Kernel via the SEFEXT DD statement in the daemon started task JCL.


SEFM006 *ADARSP XX(xx) to request FF : user
Erläuterung

The SAF Security Kernel returned the Adabas response code (XX) and subcode (xx) shown in the message to request FF for the user shown in the message (user).

Empfohlene Handlung

Ensure that the SAF Kernel started task is active. Check its output for error messages. Take the necessary remedial action indicated by the Adabas response code.


SEFM008 *SAF Gateway (Vv.r) started
* SAF Security Kernel (Vx.x.x - BUILD xxxx) started
Erläuterung

Entire Net-Work SAF Security Interface (ADASAF) startup completed or the SAF Security Kernel initialized successfully.

Empfohlene Handlung

No action is required for this informational message.


SEFM009 Module module-name not loaded
Erläuterung

Entire Net-Work SAF Security Interface could not load the module listed in the message (module-name).

Empfohlene Handlung

Ensure that the module is in the STEPLIB and that the region size is sufficient.


SEFM013 *Less {memory | storage} acquired than specified
Erläuterung

The SAF Security Kernel or the Entire Net-Work SAF Security Interface (ADASAF) were not able to allocate all the memory or storage required to satisfy the buffer size specified in its parameters. Operation continues.

Empfohlene Handlung

Ensure that the region size is sufficient and the parameters are appropriate.


SEFM014 *No {memory | storage}could be acquired
Erläuterung

Entire Net-Work SAF Security Kernel or the SAF Security Interface (ADASAF) could obtain no storag or memory at system startup. Operation has terminated.

Operation has terminated.

Empfohlene Handlung

Ensure that the region size is sufficient and system parameters are appropriate.


SEFM015 *Logic error - XXXX for request FF : user
Erläuterung

The SAF Security Kernel suffered an internal error. A general restart is performed and the operation continues.

Empfohlene Handlung

Keep all information written to DDPRINT and contact your Software AG technical support representative.


SEFM016 *SAF logoff failed ssssssss ACEE AAAA : user
Erläuterung

The SAF Security Kernel was unable to logoff user from the security system. The SAF error code is ssssssss.

Empfohlene Handlung

Contact your Software AG technical support representative.


SEFM017 *Insufficient space to initialize - make Natural buffer XX
Erläuterung

The Natural SAF interface requires a larger value to be specidied for NSFSIZE.

Empfohlene Handlung

Increase the Natural NSFSIZE parameter.


SEFM020 *GETMAIN failed / IDSIZE error
Erläuterung

The Natural SAF interface could not acquire storage from the designated IDMSBUF.

Empfohlene Handlung

Increase Natural region and/or thread size.


SEFM021 *Illegal storage use / relocation problem
Erläuterung

Internal problem in Natural SAF storage use.

Empfohlene Handlung

Contact your Software AG technical support representative.


SEFM025 *Natural IDMSBUF parameter is not defined
Erläuterung

The Natural NSFSIZE parameter has not been specified.

Empfohlene Handlung

Ensure NSFSIZE is set correctly in the Natural parameters.


SEFM026 *Natural protected programs not extracted code: XX
Erläuterung

The list of protected programs could not be returned from the SAF Security Kernel to Natural.

Empfohlene Handlung

Ensure the same copy of the configuration module SAFCFG is used by all system components. Check that the GWSTYP parameter defined in SAFI010 and STY parameter in SAFI020 are both correctly set for the installed security system and that all installation requirements have been met.


SEFM028 *System files not found in environment table
Erläuterung

The current Natural system files were not matched in the table defining all possible system file sets.

Empfohlene Handlung

Ensure that the environment definitions in Natural Security are correct.


SEFM029 *Error in communications layer - check installation procedure
Erläuterung

Possible reasons for error: Adabas link module installed into this component is not reentrant.


SEFM030 *SQL table / VIEview could not be identified for file (XX,YY)
Erläuterung

Interface could not identify table name for DBID/FNR of an SQL request.

Empfohlene Handlung

Ensure interface is correctly installed, then contact your Software AG technical support representative.


SEFM031 *DBID / FNR identified with SQL request not recognized XXXX
Erläuterung

Interface component could not determine the DBID/FNR associated with this SQL request.

Empfohlene Handlung

Contact your Software AG technical support representative.


SEFM041 *Interface installed for Net-work
Erläuterung

The interface is installed for operation with Entire Net-Work.

Empfohlene Handlung

No action is required for this informational message.


SEFM049 *User type T not permitted by installed options
Erläuterung

The SAF Kernel will not permit user type T to operate using the currently installed options.


SEFM050 *Error writing SMF record : XX
Erläuterung

The stated error occurred when an SMF record was being written.


SEFM051 *SAFPRINT dataset not defined, DDPRINT will be used
Erläuterung

SAFPRINT=Y is set in SAFCFG, but no SAFPRINT dataset is defined.


SEFM205 *CPU identity : cpuid
Erläuterung

The interface component linked to Entire Net-Work displays the CPU ID of the host machine.

Empfohlene Handlung

No action is required for this informational message.


SEFM210 *SAF Gateway is active for Entire Net-Work
Erläuterung

The Entire Net-Work SAF Security Interface is active.

Empfohlene Handlung

No action is required for this informational message.


SEFM255 *Unauthorized use of request
Erläuterung

Attempted illegal use of security request.

Empfohlene Handlung

Contact your Software AG technical support representative.


Operator Command Messages (SEFM900+ Series)

The following messages are displayed in response to operator commands:

Meldungen im Überblick

SEFM900 | SEFM901 | SEFM902 - 905 | SEFM909 | SEFM910 | SEFM911 | SEFM913 | SEFM914 | SEFM915 | SEFM916 | SEFM918 | SEFM919 | SEFM920 | SEFM921 | SEFM922 | SEFM923 | SEFM924 | SEFM928 | SEFM929
SEFM900 * Operator issued command: command
Erläuterung

Entire Net-Work SAF Security Interface (ADASAF) or the SAF Security Kernel received the operator command identified in the message.

Empfohlene Handlung

No action is required for this informational message.


SEFM901 * SAF server - General statistics (at hhhhhhhh)
* SAF Security Kernel - General statistics (at hhhhhhhh)
Erläuterung

The operator command for general statistics was issued. Here is an example of the statistics messages produced for the SAF server:

SEFM901 * SAF SERVER - GENERAL STATISTICS (AT hhhhhhhh)
SEFM902 * RESOURCE    CHECK(+VE) CHECH(-VE) CHECK SAVED OVERWRITES LEN
SEFM903 * APPLICATION         1          0          0           0    8
SEFM903 * ADABAS              0          0          0           0   32
SEFM903 * SYSMAIN             0          0          0           0   13
SEFM903 * SYSTEM FILE         2          0          0           0   24
SEFM903 * PROGRAM             0          0          0           0   17
SEFM903 * BROKER              0          0          0           0   32
SEFM903 * NET-WORK            0          0          0           0    0
SEFM903 * SQL SERVER          0          0          0           0    0
SEFM904 * USERS - ACTIVE: 1 FREE: 55 OVEWRITES: 0

Here is an example of the statistics messages produced for the SAF Security Kernel:. The address in the first line is the address of the SAF Kernel's storage cache.

SEFM901 * SAF SECURITY KERNEL - SERVER STATISTICS (AT 12C47000)
SEFM902 * RESOURCE    CHECK(+VE) CHECH(-VE) CHECK SAVED OVERWRITES LEN
SEFM903 * APPLICATION        10          0          0           0    8
SEFM903 * DBMS CHECK          0          0          0           0   17
SEFM903 * SYSMAIN             0          0          0           0   21
SEFM903 * SYSTEM FILE         2          0          0           0   40
SEFM903 * PROGRAM             0          0          0           0   17
SEFM903 * BROKER              0          0          0           0   68
SEFM903 * NET-WORK            0          0          0           0   17
SEFM903 * SQL SERVER          0          0          0           0   32
SEFM904 * CACHED USERS:       1 HIGH WATERMARK:     1 MAX USERS:  5545
SEFM905 * OVERWRITES:         0 AUTHENTICATED:      0 DENIED:        0
Empfohlene Handlung

No action is required for this informational message.


SEFM902 - 905 statistics
Erläuterung

Various statistics for the SAF server and the SAF Security Kernel are displayed. See message SEFM901.

Empfohlene Handlung

No action is required for this informational message.


SEFM909 * {SAF Gateway | SAF Security Kernel} - shutdown initiated
Erläuterung

The operator issued a command to shut down Entire Net-Work SAF Security Interface or the daemon started task (SAF Security Kernel). This message is also issued when a secure Adabas nucleus, Net-Work node or Adabas SQL server terminates.

Empfohlene Handlung

No action is required for this informational message.


SEFM910 *{SAF Server | SAF Security Kernel} - list all active users
Erläuterung

The operator issued a command to display a list of currently active users.

The following is a sample of the output produced for the SAF server:

SEFM910 * SAF SERVER - LIST ALL ACTIVE USERS
SEFM911 * USERID      CHECK(+VE) CHECH(-VE) CHECK SAVED OVERWRITES BUFF
SEFM912 * K11079              3          0          0           0   0

The following is a sample of the output produced for the SAF Security Kernel:

SEFM910 * SAF GATEWAY - LIST ALL ACTIVE USERS
SEFM911 * USERID CHECK(+VE) CHECH(-VE) CHECK SAVED OVERWRITES BUFF
SEFM912 * K11079         3          0          0           0   0
Empfohlene Handlung

No action is required for this informational message.


SEFM911 *userid . . .
Erläuterung

The operator issued a command to display statistics specific to a currently active user.

The following is a sample of the output produced for the SAF server:

SEFM911 * NXB         CHECK(+VE) CHECH(-VE) CHECK SAVED OVERWRITES  BUFF
SEFM912 * APPLICATION         1          0          0           0    0
SEFM912 * DBMS CHECK          0          0          0           0    0
SEFM912 * SYSMAIN             0          0          0           0    0
SEFM912 * SYSTEM FILE         2          0          0           0    0
SEFM912 * PROGRAM             0          0          0           0    0
SEFM912 * BROKER              0          0          0           0    0
SEFM912 * NET-WORK            0          0          0           0    0
SEFM912 * SQL SERVER          0          0          0           0    0

The following is a sample of the output produced for the SAF Security Kernel:

SEFM911 * SJU         CHECK(+VE) CHECH(-VE) CHECK SAVED OVERWRITES  BUFF
SEFM912 * APPLICATION        10          0            0           0   10
SEFM912 * DBMS CHECK          0          0            0           0    0
SEFM912 * SYSMAIN             0          0            0           0    0
SEFM912 * SYSTEM FILE         2          0            0           0    2
SEFM912 * PROGRAM             0          0            0           0    0
SEFM912 * BROKER              0          0            0           0    0
SEFM912 * NET-WORK            0          0            0           0    0
SEFM912 * SQL SERVER          0          0            0           0    0
Empfohlene Handlung

No action is required for this informational message.


SEFM913 * No active users found in SAF {Server | Gateway | Security Kernel}
Erläuterung

No active users were found in Entire Net-Work SAF Security Interface (ADASAF) or in the SAF Security Kernel.

Empfohlene Handlung

No action is required for this informational message.


SEFM914 * Requested user userid not found in SAF {Server | Gateway | Security Kernel}
Erläuterung

The requested user was not found in the Entire Net-Work SAF Security Interface (ADASAF) or in the SAF Security Kernel.

Empfohlene Handlung

No action is required for this informational message.


SEFM915 SEFM915 * SAF Security Kernel - snap of server memory
Erläuterung

This message is issued in response to an SSNAP operator command and is followed by a sequence of SEFM916 messages.

Empfohlene Handlung

No action is required for this informational message.


SEFM916 * hhhhhhhh hhhhhhhh hhhhhhh hhhhhhhh hhhhhhhh.x..X.Y/
Erläuterung

This message contains the results of an SSNAP command. Each SSNAP snaps up to 256 bytes and shows the address, the hexadecimal storage contents, and the interpretation.

Empfohlene Handlung

No action is required for this informational message.


SEFM918 * Supplied address is outside of legal range
Erläuterung

An attempt was made to snap storage outside the bounds of the SAF Kernel's cache.


SEFM919 *Operator command did not contain required arguments
Erläuterung

A required parameter was omitted from an operator command. For example, SUSTAT with no userid specified.

Empfohlene Handlung

Correct the operator command and try again.


SEFM920 SSNAP, SSTAT, SUSERS, SUSTAT, SREST, SNEWCOPY, SLOGOFF, STRACE
Erläuterung

This message is issued in response to an SHELP operator command and lists the valid SAF Kernel operator commands.

Empfohlene Handlung

No action is required for this informational message.


SEFM921 * Memory allocation failure - users cannot be logged off
Erläuterung

The SAF Kernel was unable to obtain temporary storage (approximately 16Kb) to log users off in response to an SREST, SNEWCOPY or SLOGOFF operator command.

Empfohlene Handlung

Increase the region size.


SEFM922 * User userid logged off
Erläuterung

This message is issued in response to an SLOGOFF operator command. The indicated user has been logged off from the security system.

Empfohlene Handlung

No action is required for this informational message.


SEFM923 * User userid not logged off - user not found
Erläuterung

This message is issued in response to an SLOGOFF operator command. The requested user could not be found in the SAF Kernel’s cache.

Empfohlene Handlung

Verify the correct user ID was specified.


SEFM924 * User userid not logged off - return code ZZ
Erläuterung

This message is issued in response to an SLOGOFF operator command. An internal error (indicated by ZZ) occurred while attempting to log the reqeusted user off.

Empfohlene Handlung

Evaluate the return code to determine the cause of the error.


SEFM928 * Invalid trace setting - must be 0, 1, 2 or 3
Erläuterung

The STRACE operator command was issued with an invalid trace setting.

Empfohlene Handlung

Correct the trace setting and try again.


SEFM929 * Invalid SAF Security Kernel operator command
Erläuterung

An invalid SAF Security Kernel operator command was entered.

Empfohlene Handlung

Specify a valid SAF Security Kernel operator command.