Password threshold exceeded and password suspension recordings in Compliance Manager
Article ID: 46979
Updated On:
Products
Compliance Manager for z/OS
Issue/Introduction
How are password threshold exceeded and password suspension events recorded in Compliance Manager?
Resolution
There is no administrative command being issued in Compliance Manager. What you see is a command representation of what happened being recorded to the recovery file in case you would have to perform forward recovery. Since a real command was not issued, it cannot be captured in the account administration tables. The suspension is the result of a system access signon event, and in this case a signon violation event since the signon was unsuccessful. If you are recording these type of events, you should see a DRC (CODE1 field) of '1' for ACID suspended and a DRC of '27' (x'1B') for Password Violation Threshold Exceeded. If you are capturing these events then you can set an Alert for the DRC codes.
Feedback
Yes
No
Powered by
