search cancel

New Password Change Not Being CPF'd In Top Secret

book

Article ID: 188586

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

ACIDs are having issues with password propagation. The password, when changed on the production lpar, should CPF (Command Propagation Facility) to the test lpar. 

The new password rules on the test lpar are:
NEWPW(MIN=08,MAX=008,WARN=05,MINDAYS=01,NR=1,ID,RS,FA,FN,MC)  

The new password rules on the production lpar are:
NEWPW(MIN=08,MAX=008,WARN=05,MINDAYS=01,NR=0,ID,RS,FA,FN)  

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

The password on the receiving system did not match the password on the sending system. The RECVCMDS file showed the following:

TSS0422E  PASSWORD VERIFICATION FAILED ON REMOTE NODE      
TSS0301I  REPLACE  FUNCTION FAILED, RETURN CODE =  8    

The password on the receiving system was mixed case and the password on the sending system was upper case.

OPTIONS(3) can be set in the Top Secret parameter file to disable the inbound CPF old/new password verification.

If OPTIONS(3) is not set, then password changes going from an lpar using upper case passwords to an lpar using mixed case passwords will NOT be changed because the comparison will be an upper case password against a mixed case password and they will not match.