This is a special case: if you choose the option to execute an external program with parameters directly and not via logical commands, then you also need authorization for object S_RZL_ADM actvt '01'. The check is very blunt and must be strict as what that external program does is completely unknown to the application scheduling it.
This authority must be present for the step user running the command and if the job is already scheduled with status released or the source job is copied, then even the scheduling user must themselves have sufficient authorization for S_RZL_ADM and not only the step user. They must have been able to run it themselves if they want to schedule it for a different user or interfere with an existing job of such a type.
Cheers,
Julius
