ESMRESP And ESMREASON Values for EXEC CICS VERIFY PASSWORD.

book

Article ID: 51821

calendar_today

Updated On:

Products

CA Cleanup CA Datacom - DB CA Datacom CA Datacom - AD CA Datacom - Server CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware CA Top Secret CA Top Secret - LDAP CA Top Secret - VSE

Issue/Introduction

Description

The VERIFY PASSWORD returns the same values of:

EIBRESP (= NOTAUTH), EIBRESP2 (= 19), ESMRESP (= 28). and ESMREASON (zeroes) 

If the user's id is suspended or does not have the right FACILITY.

Also, the CA Top Secret r14 manuals do not have seem to have a list of what values would be returned in ESMRESP and ESMREASON.

The questions are:

Is it possible to differentiate between these conditions (using VERIFY PASSWORD)?

Is there a current list of ESMRESP and ESNREASON codes?

Solution

There are no other RESP2 code other than the ones documented in IBM documentation:

NOTAUTH

RESP2 values:

2 The supplied password is wrong.

3 A new password is required.

19 The USERID is revoked.

Because of this, no distinction can be made.

CA Top Secret is passing back a return code x'1C' to IBM. The CA Top Secret Detailed Reason Code (DRC) will indicate the reason of the failure.

The DRC is not a concept that CICS is aware of, and is unique to CA Top Secret. To determine the specific details of the signon failure a TSSUTIL report or a CA Top Secret SECTRACE would reveal the exact cause of the failure. CICS knows nothing about the concept of a CA Top Secret FACILITY...

Note:

With CICS 3.2, the verify password process has changed.

Per IBM CICS documentation:

Your application programs must always check the EIBRESP and EIBRESP2 values returned by the EXEC CICS VERIFY PASSWORD command and not rely on the ESMRESPand ESMREASON codes.

Environment

Release:
Component: AWAGNT