Will RACROUTE VERIFY with LOG=NONE prevent the CA Top Secret password violation counter from being incremented and the user PSUSPEND?
Article ID: 124301
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
Affects of LOG=NONE on a RACROUTE REQUEST=VERIFY and the password violation counter in CA Top Secret.
With LOG=NONE, specified on a RACROUTE REQUEST=VERIFY, the password violation counter still gets incremented and user eventually becomes PSUSPEND.
RACROUTE REQUEST=VERIFY,
ENVIR=CREATE, CREATE AN ACEE
LOG=NONE, DON'T INCR'T VIOL'N CNTR LOGNONEX
RELEASE=(7730,CHECK), MINIMUM RELEASE REQUIRED LOGNONEX
MF=(E,ACEECREL)
Should the password violation counter be incremented and the user PSUSPENDed with LOG=NONE?
With LOG=NONE, specified on a RACROUTE REQUEST=VERIFY, the password violation counter still gets incremented and user eventually becomes PSUSPEND.
RACROUTE REQUEST=VERIFY,
ENVIR=CREATE, CREATE AN ACEE
LOG=NONE, DON'T INCR'T VIOL'N CNTR LOGNONEX
RELEASE=(7730,CHECK), MINIMUM RELEASE REQUIRED LOGNONEX
MF=(E,ACEECREL)
Should the password violation counter be incremented and the user PSUSPENDed with LOG=NONE?
Environment
Release:
Component: TSSMVS
Component: TSSMVS
Resolution
LOG=NONE will not stop the CA Top Secret password violation counter from being incremented for password or password phrase validation failures. Therefore, the user will eventually get PSUSPENDed once the maximum password violation threshold has been hit as specified by the PTHRESH control option in CA Top Secret.
Feedback
Yes
No
Powered by
