> RACF won't tell you via TSO/SSHD *why* your logon is rejected, it simply says > your attempt is invalid
Ah, but it does, right? Is that not the whole point of the topic? If I say LOGIN FOO I can tell right away that FOO is an invalid userid (from the appearance of the login screen). There is nothing to stop me from trying every possible userid from $ to Z9999999 in an automated fashion to enumerate the userid's of the LPAR (other than time, there being around 5 * 10^11 of them). Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Elardus Engelbrecht Sent: Monday, January 05, 2015 6:27 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: CANCEL TSO Logon? Paul Gilmartin wrote: >My logon PROC is set up to bypass any solicitor and put me directly at: > IKJ56700A ENTER USERID - > userif Review your solicitor to eliminate this pain. >Is there any way to get directly back to IKJ56700A? >Or even better, to change the Userid and continue with the logon? As Boris Lenz kindly suggested, use PA1. You will see LOGON on a clean 3270 screen, just retype LOGON followed optionally by your right id and you're in. If you don't use id after LOGON, you get that familiar IKJ message as usual which is waiting for your input. >SSHD doesn't tell me that "0123456789" is unknown to RACF, or even that it's >syntactically invalid. I can't use SSH to probe for known user IDs. I believe this is WAD. RACF won't tell you via TSO/SSHD *why* your logon is rejected, it simply says your attempt is invalid. That topic of not telling the reason of failed logon was covered in RACF-L in the past. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
