search cancel

IBM APAR OA44855 and LOGON PASSWORDPREPROMPT(ON) option in IKJTSO00 SYS1.PARMLIB member.

book

Article ID: 42176

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

Introduction:   

 

-How can we use the new LOGON PASSWORDPREPROMPT(ON) option in SYS1.PARMLIB(IKJTSOxx) member?

 

-Which CA Top Secret release do we have to run? 

 

 

Instructions:

 

-You have to run CA Top Secret r16.0 to fully support this.

 

 
-There is no change on Top Secret side.
 
 

Additional Information:

 

 

    -Our experience is as it follows:

 
We've implemented it with z/OS 2.2 and it works with CA TSS r16.0 as expected.
 
To have it "working" with CA Top Secret r15.0 we had to set the TSO facility in DORM mode, but acids still ran in FAIL mode.
So it doesn't really work with CA Top Secret r15.0, but at least allows to go back and forth without changing IKJTSOxx member and offers some kind of flexibility for testing. This is just for a test, like there are other implications to have a user running in FAIL mode, e.g. if you want to have that user to access to a facility in WARN mode for other purposes.
 
Obviously, if you enter a wrong password, you will be denied to access to TSO after going thru the TSO/E Logon panel. 
 
-Check you SYS1.PARMILB(IKJTSOxx) member to add this option: LOGON PASSWORDPREPROMPT(ON) 
 

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component: