search cancel

CA LDAP not passing NOEXPIRE operand

book

Article ID: 199957

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC LDAP SERVER FOR Z/OS PAM CLIENT FOR LINUX ON MAINFRAME WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

Ca ldap 15.1 was installed and the NOEXPIRE password operand was enabled.
In testing, passwords are still being expired.

Environment

Release : 15.1

Component : CA LDAP Server for z/OS

Resolution

Both of the enableNoExpirePswd, enableNoExpirePswdResume parameters should be mentioned in the racf_utf database specific definition after the suffix. The documentation has been updated to reflect this.

https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-system-z-security-communication-servers-dsi-ldap-pam/15-1/configuring/configure-the-ca-ldap-server/configure-the-racf-utf-backend/racf-configuration-options/database-specific-options-racf.html