It is documented in the SYS2.CA.SYSVDB2.CDBAPARM(PXNPARM)that the OEVN003 health check summary message, could report a false PROBLEM with the passticket configuration (*PTKT*).
So, we are using a CAUSER as the authorized ID to run all the CA STC's and it is defined as NOPASSWORD.
We have set the procedure, as shown below, to avoid this misleading/false message:
* To eliminate the false reporting of passticket problems, update the
* OPSPTCKTID parameter below, substituting a valid user ID for
* "mytsoid", and then removing the asterisk from column 1 to activate
* the parameter statement. As the administrator of this parameter
* member, it is safe to specify your own user ID in the OPSPTCKTID()
* parameter.
*----------------------------------------------------------------------
OPSPTCKTID(CAUSER)
*NOOPSU2X
NOOPSOFA
*----------------------------------------------------------------------
However, we are continuing to see the misleading/false error message, followed by the error messages below:
OEVN003I OPSEVENT-Status: PROBLEM Reason: Xnet TCPok XMGRok *PTCKT* PXNok U2Xok IDB2ok NOOFA
ICH408I USER(CAUSER ) GROUP(CASTC ) NAME(USERID FOR CA TASKS )
LOGON/JOB INITIATION - INVALID PASSWORD
IRR013I VERIFICATION FAILED. INVALID PASSWORD GIVEN.
We then tried to fix this problem using a regular TSO UserID in the OPSPTCKTID(BR12273)and it did fix the problem.
However we cannot have anyone's TSO UserID in a system PROC. How should we address this?