Groan, I hate it to correct myself, but I was contacted offlist that I'm wrong ... ouch, so early in 2015! ...
So here goes ... >>SSHD doesn't tell me that "0123456789" is unknown to RACF, or even that it's >>syntactically invalid. I can't use SSH to probe for known user IDs. >I believe this is WAD. RACF won't tell you via TSO/SSHD *why* your logon is >rejected, it simply says your attempt is invalid. >That topic of not telling the reason of failed logon was covered in RACF-L in >the past. Should be this: I believe this is WAD for SSHD, but somewhat different for TSO for passwords, not for TSO ids. For passwords - RACF won't tell [1] you via *why* your logon is rejected, it simply says your password is invalid. (syntax rules/re-used passwords, etc.) For TSO, you can probe for known user ids, but you will see a lot of LOGON and IEA989I message in the SYSLOG. That topic of not telling the reason of failed logon (password) was indeed covered in RACF-L in the past. Sorry Paul. Groete / Greetings Elardus Engelbrecht [1] - But, you can see the actual reasons for invalid password in RACF SMF records. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
