ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Change The Top Secret Password Expiration Interval Without Extending The Current Password Expiration Date?

book

Article ID: 186702

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

When extending an ACID's password expiration interval to a higher value (90 to 180), is there a way to preserve the current expiration date and have the new interval effective on next password reset after that date? TSS REP(ACID) PASS(*,180) immediately extends the expiration date 180 days which, if implemented for a large number of ACIDs, will set them to expire all on the same day 6 months from now.

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

The password expiration date cannot be changed directly. It is changed when an administrator changes the password expiration interval or adds/replaces a new password and expires it at first logon. Some sites that have changed their interval in the past have staggered the days the batch jobs for the TSS REPL(acid) PASS(*,nnn) commands that are issued so every acid’s password won’t expire on the same day in ‘nnn’ days.