Hello,
I found all this stuff in the racf manual.
Try this
The user will be placed into the FIRST SDSF group that they SAF READ access
Have user signon and
tso alloc fi(isfsectw) dummy reus
then get into sdsf
look at the messages and see what profile you are missing in racf
then
tso free fi(isfsectw)
or try this
turn on security
/$TDEBUG,SECURITY=YES
Then try sdsf and look at the syslog
Then fix the issue
/$TDEBUG,SECURITY=NO
Hopefully this makes sense.
Thanks
Shelia Chalk
Mainframe System Programmer
[email protected]
-----Original Message-----
From: IBM Mainframe Discussion List <[email protected]> On Behalf Of
Mike Shaw
Sent: Friday, February 20, 2026 10:58 AM
To: [email protected]
Subject: [EXT] SDSF ISF024I message
Please Note: This email is from an [EXTERNAL] sender. Do not click on links or
attachments unless you expect them from the sender and know the content is
safe. Please contact the Service Desk if you have any concerns regarding this
message.
Everyone,
New z/OS V3R2 system, adding new user id SYS4723. Getting this message when new
user invokes SDSF:
*ISF024I USER SYS4723 NOT AUTHORIZED TO SDSF, NO GROUP ASSIGNMENT*
but I had previously added the user to the ISFSPROG group in RACF:
CLASS NAME
----- ----
SDSF GROUP.ISFSPROG.SDSF
GROUP CLASS NAME
----- ----- ----
GSDSF
---- ------ ------ -----
MAINUSR ALTER 000000
SYS4723 READ 000000
I did a refresh of all in-storage RACF stuff after giving user READ access to
that group, to no avail.
ISFPRM00 does have ISFSPROG group in it:
*GROUP NAME(ISFSPROG), /* Group name
TSOAUTH(JCL,OPER,ACCT), /* User must have JCL, OPER, ACCT ACTION(ALL),
/* All route codes displayed ACTIONBAR(YES),
/* Display the action bar on panels APPC(ON), /* Include
APPC sysout AUPDT(2), /* Minimum auto update
interval AUTH(ALL), /* All authorized functions
BROWSE(NONE), /* Browse default action character
CMDAUTH(ALL), /* Commands allowed for all jobs CMDLEV(7),
/* Authorized command level */*
* ... etc*
I am obviously missing something...any clues are appreciated...
Mike Shaw
MVS/QuickRef Support Group
Chicago-Soft, Ltd.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions, send email to
[email protected] with the message: INFO IBM-MAIN
======================================= This email, and any files transmitted
with it, is confidential and intended solely for the use of the individual or
entity to which it is addressed. If you have received this email in error,
please notify the system manager. This message contains confidential
information and is intended only for the individual named. If you are not the
named addressee, you should not disseminate, distribute or copy this e-mail.
Please notify the sender immediately by e-mail if you have received this
message by mistake and delete this e-mail from your system. If you are not the
intended recipient, you are notified that disclosing, copying, distributing or
taking any action in reliance on the contents of this information is strictly
prohibited.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
