The ACF, SHOW commands displays the following password configuration options:

PSWDMAX  = 0       MAXIMUM NUMBER OF DAYS TO ELAPSE FOR A PSWD CHANGE        
PSWDMIN  = 0       MINIMUM NUMBER OF DAYS TO ELAPSE FOR A PSWD CHANGE         

Logonids are set up with the MAXDAYS(90) MINDAYS(1) which is the standard format for any general user.

The Auditors want this reflected in the configuration, and expect to see:

PSWDMAX  = 90       MAXIMUM NUMBER OF DAYS TO ELAPSE FOR A PSWD CHANGE
PSWDMIN  = 1       MINIMUM NUMBER OF DAYS TO ELAPSE FOR A PSWD CHANGE         

The issue is that not all ID’s have this configuration.

Question is:-  How do we overcome this issue?  Have CA Broadcom come across this issue in other companies using ACF2?

Release : 16.0

Component : ACF2 for z/OS

The MAXDAYS and MINDAYS can be set at the logonid level or the system level.

Logonid Fields
MAXDAYS(days)
Specifies the maximum number of days permitted between password changes before the password expires.
MINDAYS(days)
Specifies the minimum number of days that must elapse before a user can change their password.

Global System fields(GSO PSWD)
PSWDMIN(0|days) Specifies the global value for the minimum number of days that must elapse before a user can change their password. 
PSWDMAX(0|days) Specifies the global value for the maximum number of days permitted between password changes before the password expires.

Any non-zero value in the logonid MAXDAYS or MINDAYS fields overrides the Global System PSWDMIN and PSWDMAX fields in the GSO PSWD record.

To display the Global password setting from the GSO PSWD record, the TSO, ACF, SHOW PSWDOPTS command can be issued.