On Fri, 6 Mar 2009 12:17:49 +0800, Tommy Tsui <[email protected]> wrote:
> Is there any RACF password rule that can validate the password >cannot be a part of USERID? or only write a user exit to implement it? You would probably need an exit to do that. You can find a sample exit on the RACF downloads page (http://www-03.ibm.com/servers/eserver/zseries/zos/racf/goodies.html ) that should simplify that. See REXXPWEXIT. It works on z/OS R10 and later, and provides an ICHPWX01 exit that invokes a REXX exec via System REXX, and a sample REXX exec that you can tailor easily. -- Walt Farrell, CISSP IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
