ESMRESP And ESMREASON Values for EXEC CICS VERIFY PASSWORD.

book

Article ID: 51821

calendar_today

Updated On:

Products

Cleanup Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Top Secret Top Secret - LDAP Top Secret - VSE

Issue/Introduction

Description

The VERIFY PASSWORD returns the same values of:

EIBRESP (= NOTAUTH), EIBRESP2 (= 19), ESMRESP (= 28). and ESMREASON (zeroes) 

If the user's id is suspended or does not have the right FACILITY.

Also, the CA Top Secret r14 manuals do not have seem to have a list of what values would be returned in ESMRESP and ESMREASON.

The questions are:

Is it possible to differentiate between these conditions (using VERIFY PASSWORD)?

Is there a current list of ESMRESP and ESNREASON codes?

Solution

There are no other RESP2 code other than the ones documented in IBM documentation:

NOTAUTH

RESP2 values:

2 The supplied password is wrong.

3 A new password is required.

19 The USERID is revoked.

Because of this, no distinction can be made.

CA Top Secret is passing back a return code x'1C' to IBM. The CA Top Secret Detailed Reason Code (DRC) will indicate the reason of the failure.

The DRC is not a concept that CICS is aware of, and is unique to CA Top Secret. To determine the specific details of the signon failure a TSSUTIL report or a CA Top Secret SECTRACE would reveal the exact cause of the failure. CICS knows nothing about the concept of a CA Top Secret FACILITY...

Note:

With CICS 3.2, the verify password process has changed.

Per IBM CICS documentation:

Your application programs must always check the EIBRESP and EIBRESP2 values returned by the EXEC CICS VERIFY PASSWORD command and not rely on the ESMRESPand ESMREASON codes.

Environment

Release:
Component: AWAGNT