I know we've been through a few iterations of this, and I still have questions: We had one offender that was using a key=8 CADS. They have since provided a release where they use a system key for their CADS, and that release has been installed on all sysplexes/systems.
I was really astonished when the health check *still* complains about user key common storage. We have been running with ALLOWUSERKEYCSA(NO) just about forever and had this one offender which got remedied dynamically *after* the last IPL. I spent the past two days over SMF records, and while the audit flag is mostly on, the only time I saw one of the other flags on (thanks MXG!) was exactly for that one, now fixed offender. Every other SMF30 records with a bit on in the flags section does NOT at the same time have the audit flag on, so according to the doc that record doesn't count as usage. Q1: What exactly turns the audit flag on or off (leftmost bit in the flag byte)? Q2: Is it true that the health check actually checks back to the time of the last IPL and reports on that? That would fit with the fact that the production system has the check run successfully. But that system was IPL'd after the offender got fixed. Thanks in advance, Barbara ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
