I figured it out from a post on systeminetwork
the object has embedded SQL and the DYNUSRPRF is wrong.
Apparently you can't get away with compiling *USRPRF and then using CHGPGM to *OWNER when there is embedded SQL
Begin forwarded message:
From: Jeffrey Tickner <jtickner@xxxxxxxxxxxxxxxxx>
Date: April 5, 2012 3:09:28 PM EDT
Subject: ILE PGM getting authority error when it does have authority
This makes no sense so I'm thinking there is another attribute that is causing this authority error as a red herring.
There is an ILE program object, 29 modules bound in, that has an owner of FILEUSER and it adopts *OWNER authority.
It was recently recompiled and now when it goes to update a file it gets a CPF4269 not authorized to object.
The file it is trying to update is secured by an AUTL that has *PUBLIC *EXCLUDE and FILEUSER *ALL.
As a test the program object was compiled again in a temporary library, that library moved to the top of the library list and it works fine with the same settings.
I'm think there is something different in how the 2 objects were compiled but I don't have a compile listing anymore for the first program so I don't know the exact create parms.
Is there any other attribute that can cause an authority error?
They both have the same activation group, QILE.
I searched the archives for CPF4269 and didn't find anything helpful