TPX: User is unable to enter a NewPassword on the TPX logon screen

book

Article ID: 145442

calendar_today

Updated On:

Products

CA TPX - Session Management TPX- PACKAGE CA Vman Session Management for z/OS TPX SESSION MANAGEMENT

Issue/Introduction


 On the TPX Logon screen a user tries to enter a NewPassword and receives the following message:



This works successfully in the TEST LPAR but not in Production.

 




Cause

A SECDBG trace showed - SAF Return Code :Hexadecimal 08 and RACF Return Code: Hexidecimal 10

Here is the IBM Documentation where the return/reason codes are documented  ; RACROUTE REQUEST=VERIFY

10

 At least one of the following conditions has occurred:
  • The new password or password phrase is not valid.
  • A new password phrase was specified with a current password, or a new password was specified with a current password phrase.
  • A new password phrase was specified with a PassTicket as the current password, but the user does not currently have a password phrase.
  • A password or password phrase change is disallowed at this time because the minimum password-change interval has not passed.

Environment

Release : TPX 5.4
Security: RACF

 

Resolution

The password for the user was made permanent (NOEXPIRE) the same day they tried to enter a Newpassword.  The minimum PW change interval was 1 day.  After waiting a day then a Newpassword could be entered.

Attachments