I see. The way we use VM:Secure, nopass is granted through the rules facility, so the ESM does handle the requests to XAUTOLOG a user. Since the requesting user's logon was authenticated by the ESM and there is a permitting rule that is also enforced by the ESM, is that authorization, authentication, or perhaps half-authentication? In other words, does having to get past the ESM alter the status?
Regards, Richard Schuh > -----Original Message----- > From: The IBM z/VM Operating System > [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark > Sent: Tuesday, July 01, 2008 2:58 PM > To: [email protected] > Subject: Re: RACF and MAINT > > On Tuesday, 07/01/2008 at 04:56 EDT, "Schuh, Richard" > <[EMAIL PROTECTED]> > wrote: > > "IMO, autologging a user should not reset the password count." > > > > Has your humble opinion changed? Or exactly what did you > mean? Perhaps > > that if authentication requires no password, it should not > reset the > > count? > > No, my opinion has not changed. If there is no password then > there is no authentication, there is only authorization. QED. > > Alan Altmark > z/VM Development > IBM Endicott >
