On 3 Jan 2007 18:35:45 -0800, in bit.listserv.ibm-main you wrote: >Karthick wrote: >> Hello, >> >> We have planned to implement the following password rules in RACF. >> >> Passwords Syntax: >> * Restrictions on repeated characters >> * Alphanumeric passwords, including special characters, upper case, and >> lower case. >> >> Please advice with informations or procedures or what EXIT need to be >> used. >> > >Most of your requirements can be handled with the RACF password rules >that you can set with "SETROPTS PASSWORD(RULEx (...))" commands. For >details, see the SETROPTS command in "A22-7687 z/OS Security Server RACF >Command Language Reference". > >You cannot have special characters other than "$, #, @" in a RACF >password. Password length cannot exceed 8 characters.
The choice of nationals as the only special characters allowable in passwords is poor to say the least. The $ code point becomes a pound sterling sign in the UK and the yen sign in Japan. I suspect similar changes for the others. It would be far more sensible to allow the slash, asterisk, hyphen and plus sign since I believe they remain stable across code pages. > >If you want to allow lower case passwords, you need at least z/OS V1R7 >and you should test all your middleware and applications where RACF >authentication is performed thoroughly with mixed case passwords before >you go live on a production system with that. Otherwise, you might be in >for blood, sweat and tears. > >For restrictions on repeated characters, you need RACF exit ICHPWX01. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
