ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

HCPLGA059E XAUTOLOG failed - incorrect password

book

Article ID: 145650

calendar_today

Updated On:

Products

VM:Secure for z/VM

Issue/Introduction

z/VM 7.1 system with VMSECURE Rules installed.

There is a UATOPR userid which runs VM:OPERATOR and has automation to XAUTOLOG TPF test systems.

The command failed with 'incorrect password' specified when in fact no password was specified.

The userid has the required command classes.

What am I missing?


02:57:16 C600498  001E VMYINI0019R Enter: UATUP UGRC UGR                      
02:57:16 C600498  001E HCPLGA059E XAUTOLOG failed for UGRC - incorrect password
02:57:16 C600498  001E unable to logon - process aborted                      
02:57:16 C600498  001E VMYINI0006I 0.000 Ready;                               

03:01:47 C600498  0023 VMYINI0019R Enter: cp xautolog ugrc                    
03:01:47 C600498  0023 HCPLGA059E XAUTOLOG failed for UGRC - incorrect password
03:01:47 C600498  0023 VMYINI0005I 0.000 Error( 59);                          

q privc uatoper                                       

Privilege classes for user UATOPER                    

        Currently: BEFGK                              

        Directory: BEFGK                              

The privilege classes are not locked against changes. 

Ready; T=0.01/0.01 17:53:41                           

q commands xautolog                                   

XAUTOLOG     IBMCLASS=A,B,G                           

Ready; T=0.01/0.01 17:53:49                           

Cause

Lacking NOPASS on ACCEPT XAUTOLOG rule.

Environment

Release : 3.2

Component : CA VM:Secure for z/VM

z/VM 7.1

Resolution

The NOPASS option allows XAUTOLOG without password verification.

Change  ACCEPT XAUTOLOG rule to include (NOPASS.

Additional Information

NOPASS on the RULE instructs VM:Secure to bypass password verification for, in this case, the XAUTOLOG command and allow the command to execute without specifying a password. Keeping in mind this is a security rule, NOT specifying NOPASS is actually saying ... If a password CAN be used with the command, it must be specified.