Accessing the RRM Work with Collected Entries screen returns error CPF4131. (NETIQKB50532)

  • Document ID:7750532
  • Creation Date:02-Feb-2007
  • Modified Date:19-Mar-2009
    • Micro Focus Products:
      Security Solutions for iSeries

Environment

NetIQ Security Solutions for iSeries 8.0

NetIQ Security Solutions for iSeries

VigilEnt Security Agent for iSeries 7.5

Remote Request Management (RRM)

Situation

Accessing the RRM Work with Collected Entries screen returns error CPF4131.

When I open file NW0004F, I receive error message CPF4131.

Error: ?Level check on file &2 in library &3 with member &4.?

Resolution

NetIQ Security Solutions for iSeries PTFs 1C02012 (version 7.5) and 1C03009 (version 8.0) address potential level check issues after applying operating system level PTFs on V5R1, V5R2, or V5R3. If you have not received level check errors in the NetIQ Security Solutions for iSeries products, you do not need to apply PTF 1C02012 or 1C03009. Please note you must install PTF 1C02012 or 1C03009 in restricted state to prevent file allocation issues.

PTFs 1C02012 and 1C03009 are available on the 7.5 and 8.0 tabs at https://www.netiq.com/support/iseries/extended/hotfixes.asp

If you cannot download and install these PTFs, you can use the following workaround to turn off level checking on physical or logical files created by SQL or any logical file over a physical file created by SQL. This workaround restores RRM functionality. PTFs 1C02012 and 1C03009 address more files than those included in the workaround.

To turn off level checking:

  1. End the ZPSSMON subsystem by typing ENDSBS ZPSSMON on the command line and pressing Enter.
  2. Remove NetIQ exit programs from all exit points by performing the following steps:
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 8 (Work with Exit Points) and press Enter.
    4. Type 4 (Rmv Exit) in the option field to the left of exit point DDMACC and press F13 (Repeat).
    5. Press Enter.
  3. Cycle your remote servers by performing the following steps. Cycling your remote servers may impact users on the system, end connections to mapped drives, end ODBC connections, and end active file transfer jobs.
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 30 (Manage RRM) and press Enter.
    4. type 3 (Cycle Remote Servers) and press Enter.
    5. Type *DATABASE and press Tab.
    6. Type *FILE and press F9.
    7. In the All ending subsystems field, type QSERVER and press Enter.
  4. Save the attached file to the root of your PC?s local drive (C:\). Download the file from https://download.netiq.com/kb/files/NETIQKB50532_file1.txt.
  5. Copy the file from the PC to the iSeries using FTP:
    1. Open a new DOS or command window.
    2. Type the following command substituting the name of the iSeries server for [system name]. The iSeries IP (internet address) can be used instead of the system name.

      FTP [system-name]

    3. Type a user id at the FTP prompt, press Enter.
    4. Type the password at the FTP prompt, press Enter.
    5. Type the following FTP commands:

      put c:\RMVLVLCHK.txt QGPL/QCLSRC.RMVLVLCHK

      quit

  6. Set the correct attributes for the source member by issuing the following command:

    CHGPFM FILE(QGPL/QCLSRC) MBR(RRMLVLCHK) SRCTYPE(CLP) TEXT(?Remove level check on RRM files in PSCOMMON')

  7. Create file DSPFD in QTEMP for the compilation to work by issuing the following command:

    DSPFD FILE(PSAUDIT/*ALL) TYPE(*BASATR) OUTPUT(*OUTFILE) OUTFILE(QTEMP/DSPFD) OUTMBR(*FIRST *ADD)

  8. Create the program supplied by issuing the following command:

    CRTCLPGM QGPL/RMVLVLCHK QGPL/QCLSRC

    Do not compile the program in BATCH mode.

  9. Delete the DSPFD file in QTEMP by issuing the following command:

    DLTF FILE(QTEMP/DSPFD)

  10. .
    Run the program by issuing the following command:

    CALL QGPL/RMVLVLCHK

  11. Add NetIQ exit programs to all exit points by performing the following steps:
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 8 (Work with Exit Points) and press Enter.
    4. Type 1 (Install Exit) in the option field to the left of exit point DDMACC and press F13 (Repeat).
    5. Press Enter.
  12. Cycle your remote servers by performing the following steps. Cycling your remote servers may impact users on the system, end connections to mapped drives, end ODBC connections, and end active file transfer jobs.
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 30 (Manage RRM) and press Enter.
    4. type 3 (Cycle Remote Servers) and press Enter.
    5. Type *DATABASE and press Tab.
    6. Type *FILE and press F9.
    7. In the All ending subsystems field, type QSERVER and press Enter.
  13. Start the ZPSSMON subsystem by typing STRSBS SBD(PSCOMMON/ZPSSMON) on the command line and pressing Enter.
.


fix

NetIQ has created a workaround to temporarily turn off level checking on physical or logical files created by SQL or any logical file over a physical file created by SQL. This workaround restores RRM functionality. NetIQ is currently researching a permanent solution.

To turn off level checking:

  1. End the ZPSSMON subsystem by typing ENDSBS ZPSSMON on the command line and pressing Enter.
  2. Remove NetIQ exit programs from all exit points by performing the following steps:
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 8 (Work with Exit Points) and press Enter.
    4. Type 4 (Rmv Exit) in the option field to the left of exit point DDMACC and press F13 (Repeat).
    5. Press Enter.
  3. Cycle your remote servers by performing the following steps. Cycling your remote servers may impact users on the system, end connections to mapped drives, end ODBC connections, and end active file transfer jobs.
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 30 (Manage RRM) and press Enter.
    4. type 3 (Cycle Remote Servers) and press Enter.
    5. Type *DATABASE and press Tab.
    6. Type *FILE and press F9.
    7. In the All ending subsystems field, type QSERVER and press Enter.
  4. Save the attached file to the root of your PC?s local drive (C:\). Download the file from https://download.netiq.com/kb/files/NETIQKB50532_file1.txt.
  5. Copy the file from the PC to the iSeries using FTP:
    1. Open a new DOS or command window.
    2. Type the following command substituting the name of the iSeries server for [system name]. The iSeries IP (internet address) can be used instead of the system name.

      FTP [system-name]

    3. Type a user id at the FTP prompt, press Enter.
    4. Type the password at the FTP prompt, press Enter.
    5. Type the following FTP commands:

      put c:\RMVLVLCHK.txt QGPL/QCLSRC.RMVLVLCHK

      quit

  6. Set the correct attributes for the source member by issuing the following command:

    CHGPFM FILE(QGPL/QCLSRC) MBR(RRMLVLCHK) SRCTYPE(CLP) TEXT(?Remove level check on RRM files in PSCOMMON')

  7. Create file DSPFD in QTEMP for the compilation to work by issuing the following command:

    DSPFD FILE(PSAUDIT/*ALL) TYPE(*BASATR) OUTPUT(*OUTFILE) OUTFILE(QTEMP/DSPFD) OUTMBR(*FIRST *ADD)

  8. Create the program supplied by issuing the following command:

    CRTCLPGM QGPL/RMVLVLCHK QGPL/QCLSRC

    Do not compile the program in BATCH mode.

  9. Delete the DSPFD file in QTEMP by issuing the following command:

    DLTF FILE(QTEMP/DSPFD)

  10. Run the program by issuing the following command:

    CALL QGPL/RMVLVLCHK

  11. Add NetIQ exit programs to all exit points by performing the following steps:
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 8 (Work with Exit Points) and press Enter.
    4. Type 1 (Install Exit) in the option field to the left of exit point DDMACC and press F13 (Repeat).
    5. Press Enter.
  12. Cycle your remote servers by performing the following steps. Cycling your remote servers may impact users on the system, end connections to mapped drives, end ODBC conn.
    ections, and end active file transfer jobs.
    1. From the NetIQ Product Access Menu, type 2 (PSSecure) and press Enter.
    2. Type 3 (Remote Request Management) and press Enter.
    3. Type 30 (Manage RRM) and press Enter.
    4. type 3 (Cycle Remote Servers) and press Enter.
    5. Type *DATABASE and press Tab.
    6. Type *FILE and press F9.
    7. In the All ending subsystems field, type QSERVER and press Enter.
  13. Start the ZPSSMON subsystem by typing STRSBS SBD(PSCOMMON/ZPSSMON) on the command line and pressing Enter.
.


Cause

Due to an OS/400 PTF released by IBM, the CRTDUPOBJ/RSTLIB/RSTOBJ functionalities do not replicate the file identifiers from a physical or logical file created by SQL or any logical file over a physical file created by SQL.

If you run the upgrade or installation of VigilEnt Security Agent for iSeries version 7.5 or NetIQ Security Solutions for iSeries version 8.0 or if you restore library PSCOMMON or an individual RRM file while the IBM PTF is applied, you cannot use some RRM functionality.

Additional Information

Formerly known as NETIQKB50532