There are several things that come into play to support mixed case (or lower case) passwords.
The CA ACF2 GSO PSWD record must specify PSWDMIXD. Additional options like PSWDLC and/or PSWDUC can enforce site requirements to include at least one lower case or upper case character. After making any GSO PSWD record changes, you must refresh the GSO PSWD record by issuing: F ACF2,REFRESH(PSWD)
The LID record for the logonid needing to use a mixed case password cannot have PSWD-UPP specified.
The @CFDE for the PASSWORD field, in the ACFCFDE member of the CA ACF2 provided CAIMAC library, must specify STATUS=LOWERCSE to allow lower case passwords. This was introduced with release 6.5 of CA ACF2.
Verify that the CA ACF2 GSO PSWD record specifies PSWDMIXD by issuing SHOW STATE and review the password options in effect.
Verify that the logonid does not have PSWD-UPP specified.
It is common for sites to have site defined updates for the PASSWORD field in their ACFFDR customization USERMOD (UM99901). Sites need to ensure that when they update any CA ACF2 provided logonid record field (specified in the CAX1MAC0 library member ACFCFDE) that they do not inadvertently omit any new parameters introduced with new releases.
For example, the pre release 6.5 @CFDE entry for the PASSWORD field (in member ACFFDE) had:
@CFDE PASSWORD,LIDNPSWD,xxxx,ALTER=SECURITY+ACCOUNT+USER, TS77317X FLAGS=NEVER,PRTN=5,VRTN1=05,PROMPT=YES, TS77317X CBPROC=YES TS77317
The release 6.5 version has:
@CFDE PASSWORD,LIDNPSWD,xxxx,ALTER=SECURITY+ACCOUNT+USER, TS77317X FLAGS=NEVER,PRTN=5,VRTN1=05,PROMPT=YES, TS77317X CBPROC=YES,STATUS=LOWERCSE TA4699G
And release 12.0 version has:
@CFDE PASSWORD,LIDNPSWD,xxxx,ALTER=SECURITY+ACCOUNT+USER, TS77317X FLAGS=NEVER+SPECIAL,PRTN=5,VRTN1=05, TA7122HX PROMPT=YES,CBPROC=YES,STATUS=LOWERCSE TA7122H
Make sure that site defined changes to the PASSWORD field (if any) retains the STATUS=LOWERCSE parameter. This can be verified by reviewing the assembly listing after applying USERMOD UM99901. If this parameter was omitted, then lower case passwords cannot be used.