Environment
Novell Identity Manager Driver - Mainframe Top Secret Fan
Out
Novell Identity Manager 3.5
Situation
When we start the Platform Receiver on TOP Secret, the following
error message happens:
START PLATRCVR EXEC
PGM=PLATRCVR,PARM='-a/usr/local/ASAM/asamplat.conf -p'
COND CODE =08
2007-10-15 17:53:00 CFG001E Could not open configuration file /usr/local/ASAM/asamplat.conf. gcf106
2007-10-15 17:53:00 PRCV006E Platform Configuration file parsing has failed because of a syntax error. apr297
2007-10-15 17:53:00 CFG001E Could not open configuration file /usr/local/ASAM/asamplat.conf. gcf106
2007-10-15 17:53:00 PRCV006E Platform Configuration file parsing has failed because of a syntax error. apr297
Resolution
The CFG001E error says that the platform receiver could not open
the configuration file. It looks like the file name was specified
correctly in the PARM='-a/usr/local/ASAM/asamplat.conf -p', so you
should check the following:
1. Check the Top Secret userid assigned to the platform receiver to make sure it is authorized to use Unix System Services.
2. Look in the z/OS system log and the JCL messages for the platform receiver to look for any system error messages related to the failure.
If you can't find any problems and it still doesn't work, you can specify the configuration file through JCL by doing this:
1. Copy the configuration file to a sequential dataset or member of a PDS. The sample library is a good place to do this.
2. Uncomment the ASAMCONF DD statement in the PLATRCVR JCL and point it to the configuration file created in item 1.
3. Remove the "-a/usr/local/ASAM/asamplat.conf" from the PARM for the platform receiver.
Note that if the problem involves improper setup for using Unix System Services under z/OS, then you will probably get a different error, but at least the platform receiver can read the configuration file.
Here's a quick list of the steps to take to give a user the ability to use USS (from Chapter 2 of the "eTrust™ CA-Top Secret® Security for z/OS Cookbook"):
To define an acid as a z/OS UNIX System Services user:
- Define the user to eTrust CA-Top Secret
- Assign a z/OS UNIX System Services Group
- Assign a z/OS UNIX System Services UID to the user
- Assign the user to a default group
1. Check the Top Secret userid assigned to the platform receiver to make sure it is authorized to use Unix System Services.
2. Look in the z/OS system log and the JCL messages for the platform receiver to look for any system error messages related to the failure.
If you can't find any problems and it still doesn't work, you can specify the configuration file through JCL by doing this:
1. Copy the configuration file to a sequential dataset or member of a PDS. The sample library is a good place to do this.
2. Uncomment the ASAMCONF DD statement in the PLATRCVR JCL and point it to the configuration file created in item 1.
3. Remove the "-a/usr/local/ASAM/asamplat.conf" from the PARM for the platform receiver.
Note that if the problem involves improper setup for using Unix System Services under z/OS, then you will probably get a different error, but at least the platform receiver can read the configuration file.
Here's a quick list of the steps to take to give a user the ability to use USS (from Chapter 2 of the "eTrust™ CA-Top Secret® Security for z/OS Cookbook"):
To define an acid as a z/OS UNIX System Services user:
- Define the user to eTrust CA-Top Secret
- Assign a z/OS UNIX System Services Group
- Assign a z/OS UNIX System Services UID to the user
- Assign the user to a default group