Workload Automation1

Expand all | Collapse all

CAUAJM_W_10400 Application Execute Access Denied!

  • 1.  CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-29-2018 01:13 AM

    Hi All,

    Can you please help me why do we get the below error when I was running one of the command job from Autosys.

    Command:  /home/script/out.sh. 

    Out.sh will be used to send event to disable a task.(send event ......)

    I checked the directory - /home/script/out.sh and the autosys user (User1) has -rwxrwxrwx permissions but still I am seeing the error. The Autosys jil script has permission ( permission: gx,wx).

     

    Please let me know if I missing anything with the permissions. 

     

    Error:

    CAUAJM_W_10400 Application Execute Access Denied!
    CAUAJM_W_10439 No policies granting access to resource.
    CAUAJM_W_10440 Class: as-appl Resource: db.User1: User1 Access: execute
    CAUAJM_W_10442 Time: 1540789296 Delegator: None



  • 2.  Re: CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-29-2018 01:33 AM

    That is a EEM policy error not an O/S error.

     

    CAUAJM_W_10439 No policies granting access to resource.

     

    The policy in question is as-appl.



  • 3.  Re: CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-29-2018 09:38 AM

    Hanson, what will be solution for fixing this error ?



  • 4.  Re: CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-29-2018 10:46 AM

    you need to entitle. are you in charge of the autosys suite of tools including eEM? 

    If not then go to the team that does, if you are then you need to learn how to create entitlements.

    Good luck

     

    Steve C.



  • 5.  Re: CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-29-2018 12:46 PM

    No Steve I am not in charge of the tools.  

     

    Below is the issue which is causing the error.  Can I achieve the below through any other command and I am using the below command to terminate my previous job (which runs for every 15 minutes) based on a condition.

     

    sendevent -E CHANGE_STATUS -s INACTIVE -J job1.

     

    Thanks Steve  for the help.



  • 6.  Re: CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-29-2018 12:57 PM

    contact the autosys team and find out the naming convention. Obviously you are not properly entitled for that job. the error is with as-appl which is the application attribute. 

    This is all about entitlements. you need to contact your AutoSys team.

    Good luck 

     

    Steve C. 



  • 7.  Re: CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-29-2018 09:43 PM

    Thanks Steve.



  • 8.  Re: CAUAJM_W_10400 Application Execute Access Denied!

     
    Posted 10-30-2018 05:39 AM

    Hi,

     

    Your as-appl policy should allow User1 to have Read , Execute access to jobs that have

    $AUTOSERV.db.User*  in the application field

     

     

    as-appl Resource Class

     

    The actions in the as-appl resource class control access to job sets as follows:

    READ
    View jobs that belong to an application group.

    Note: If the as-list resource class policies do not enable the utilities to bypass security checks, reports will include only information about resources that the utility has read access to. When a utility runs individual security checks, reports processing time increases.

    EXECUTE
    Send events to an application group.
    Authorize the cross-platform start job requests.

    WRITE
    Edit jobs that belong to an application group.

     

    Best regards,

     

    Faouzia



  • 9.  Re: CAUAJM_W_10400 Application Execute Access Denied!

    Posted 10-30-2018 07:09 AM

    Faouzia, Do not confuse the requester with eEM syntax. They are not part of the team that handles entitlements. Per the response to my question.

     

    S583, do NOT use that syntax it is behind the curtain settings .. find out your entitlements from the Team that set up Autosys and eEM.

     

    Good luck.

     

     

    Steve C.

     

     

    Nothing in this message is intended to constitute an electronic signature unless a specific statement to the contrary is included in this message.

     

    Confidentiality Note: This message is intended only for the person or entity to which it is addressed. It may contain confidential and/or privileged material. Any review, transmission, dissemination or other use, or taking of any action in reliance upon this message by persons or entities other than the intended recipient is prohibited and may be unlawful. If you received this message in error, please contact the sender and delete it from your computer.