Top Secret TSS7005I messages for incorrect PASSTICKET violation but PTHRESH count never resets

book

Article ID: 211154

calendar_today

Updated On:

Products

CA Top Secret

Issue/Introduction

Running z/os 2.4 and Top Secret 16 and recently have noticed that some users are receiving TSS7005I messages when submitting jobs indicating a number of violations since last successful logon have occurred.  

The issue is the PTHRESH number does not seem to  reset to 0 and in some cases just continues to increment.  

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

Solution 10066 removed the pthresh counter to be reset for non-password signon and passtickets for Top Secret and ACF2

example of non-password signon's are System attempt MFA, RSA, PIV Card...passtickets 

So currently working as designed, Sustaining Engineer may review this design but no change at this time. 


PROBLEM DESCRIPTION:
The problem happens when a successful non-password signon or passticket
signon occurs between invalid password occurrences. This activity resets the
password violation count, preventing the user from reaching the PTHRESH
threshold and being suspended.