On 1 September 2016 at 14:07, R.S. <[email protected]> wrote: > BTW: This is sandbox environment, but I got "catch 22". I swithed on "STIG > mode", which enables a lot of rules, (AFAIK) including requirement for CAPS, > mixed, $pecial and Num3r1c. And I ahve SETR (still) not in mixed mode. So no > password woudl satisfy both SETR settings and the exit rules. Catch 22.
You don't even need this exit to do that. Simply set NOMIXEDCASE along with RACF rules that require at least one lower case character. BANG! At least ALU PASSWORD(........) does not check the rules unless you specify NOEXPIRE. But potential extension (Catch 23?): With (default) EXPIRE then after this admin change you must change your password at next logon, and that still checks the rules. Suggest rule set: http://www.garlic.com/~lynn/2001d.html#52 Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
