When a user changes their own password via TSO ACF command - will these be reported in the ACFRPTLL report?
Release : 16.0
Component : ACF2 for z/OS
Password changes done at SEV(system entry validation) from TSO, BATCH, CICS etc will cause an SMF record to be cut whether the logonid has SECURITY or not. The SMF record will be reported on the ACFRPTLL report when the 'UPDATE' parameter is used. For example the following is the ACFRPTLL report for a password change from a TSO logon followed by CICS logon:
DATE TIME LOGONID JOBNAME CHANGER CHANGE CPU USING
FIELD OLD VALUE NEW VALUE SIGNAL
22.076 03/17 08.23 USER001 MSTJCL00 UPDATE SYSX
PASSWORD ---NON PRINTABLE--- ---NON PRINTABLE---
22.076 03/17 08.30 USER001 CICSTASK UPDATE SYSX
PASSWORD ---NON PRINTABLE--- ---NON PRINTABLE---
Sample JCL:
//REPORT EXEC PGM=ACFRPTLL
//SYSPRINT DD SYSOUT=*
//RECMAN1 DD DISP=SHR,DSN=SYS1.MAN1
//RECMAN2 DD DISP=SHR,DSN=SYS1.MAN2
//RECMAN3 DD DISP=SHR,DSN=SYS1.MAN3
//SYSIN DD *
DETAIL UPDATE
//*