Getting NSX953 trying to add user or force password change in Netmaster
search cancel

Getting NSX953 trying to add user or force password change in Netmaster

book

Article ID: 117871

calendar_today

Updated On:

Products

CMDB for z/OS NetSpy Network Performance NetMaster Network Automation SOLVE NetMaster Network Management for SNA NetMaster Network Management for TCP/IP NetMaster File Transfer Management SOLVE:Operations Automation SOLVE:Access Session Management SOLVE:FTS

Issue/Introduction

The region is set to use SEC=PARTSAF or SEC=NMSAF.
As Netmaster/SOLVE administrator, trying to Force password change for a user through the region results in message

NSX953 USERID: A8N9VZZ REVOKED 

Environment

All SOLVE / Netmaster products, all releases

Resolution

Using SEC=NMSAF, password handling is done via external security, (RACF/ACF2/Top Secret).

Individual users can change their passwords through Netmaster if the change password option is activated in the SXCTL member, see KB000023925.

It is not possible to reset another user's password through Netmaster.
When the SAF call goes out to RACF, it includes the requesting userid but there is no information included regarding the status of that userid as secuirity Admin or not. So to external security it appears that an unauthorized 3rd party is attempting to force a password change, which is not allowed. The return code is the same as what is normally used for revoked passwords, even though that is not the case in this instance, so the text does not reflect the actual result.

The solution is to handle forced password changes/resets directly in the external security product.

Powered by Wolken Software