Leland--In addition to the following suggestions to use logonby is that
some time ago, auditors dinged us (them--it was before I arrived on the
scene) because the MAINT and other privileged userids had shared
passwords. Auditors don't like that. Connect your system programmer
type people to a $SYSTEMS group or something like that and PERMIT the
$SYSTEMS group to logonby to MAINT and other id's that you would want
them to share.
Jim
Leland Lucius wrote:
Being new to this RACF on VM thing, I'm a little paranoid about how the
MAINT user should be handled in relation to things like password policies.
Mind you, we don't use MAINT all that often, but I'd hate to get myself
in a position where I needed it and was unable to use it because the
password was revoked or something similar.
How do y'all handle MAINT with RACF. Is it really a major concern or am
I just being a fraidy cat?
Leland
--
Jim Bohnsack
Cornell University
(607) 255-1760
[EMAIL PROTECTED]
