Re: Confirm or deny existence of old masking password?
Hi Dave, This is most likely a masked password. If you know the password, simply reset the password for the ID to the same value. This will DES-encrypt it. Alternatively, make the ID PROTECTED, remove the password from the JOB card, and permit the Started Task SURROGAT access to ID to submit it without a password. Regards, Bob Robert S. Hansel Lead RACF Specialist RSH Consulting, Inc. 617-969-8211 www.linkedin.com/in/roberthansel www.twitter.com/RSH_RACF www.rshconsulting.com --- Upcoming RSH RACF Training - WebEx - RACF Audit & Compliance Roadmap - OCT 19-23, 2020 - RACF Level I Administration - DEC 7-11, 2020 - RACF Level II Administration - NOV 16-20, 2020 - RACF Level III Admin, Audit, & Compliance - NOV 2-6, 2020 - RACF - Securing z/OS UNIX - SEPT 28 - OCT 2, 2020 --- -Original Message- Date:Fri, 10 Jul 2020 20:33:53 + From:"Gibney, Dave" Subject: Confirm or deny existence of old masking password? I believed hat all our passwords were at least DES. Recenly upgraded sandbox z/OS 2.1 to z/OS 2.3. Now getting: IRR013I VERIFICATION FAILED. INVALID PASSWORD GIVEN. For an job submitted via an STC with userid and password on the JOB card. Works fine in z/OS 2.1 Is there some way I can confirm that z/OS 2.3 is failing this because the password is sill a "masking" password? Cross-posted RACF-L and IBM-MAIN Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Confirm or deny existence of old masking password?
This is guesswork. If you allow lowercase passwords, the ubiquitous uppercase translation from password entry to RACF verification is bypassed. I would look at system option 5.1 in the RACF dialog. Look for a statement like this: MIXED CASE PASSWORD SUPPORT IS NOT IN EFFECT This option causes user entered password to translate to uppercase. If it says something like 'is in effect', then uppercase translation is not in effect, so if user enters lowercase, that will get passed ASIS to RACF and fail verification. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW robin...@sce.com -Original Message- From: IBM Mainframe Discussion List On Behalf Of Gibney, Dave Sent: Friday, July 10, 2020 1:34 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: (External):Confirm or deny existence of old masking password? CAUTION EXTERNAL EMAIL I believed hat all our passwords were at least DES. Recenly upgraded sandbox z/OS 2.1 to z/OS 2.3. Now getting: IRR013I VERIFICATION FAILED. INVALID PASSWORD GIVEN. For an job submitted via an STC with userid and password on the JOB card. Works fine in z/OS 2.1 Is there some way I can confirm that z/OS 2.3 is failing this because the password is sill a "masking" password? Cross-posted RACF-L and IBM-MAIN Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Confirm or deny existence of old masking password?
I believed hat all our passwords were at least DES. Recenly upgraded sandbox z/OS 2.1 to z/OS 2.3. Now getting: IRR013I VERIFICATION FAILED. INVALID PASSWORD GIVEN. For an job submitted via an STC with userid and password on the JOB card. Works fine in z/OS 2.1 Is there some way I can confirm that z/OS 2.3 is failing this because the password is sill a "masking" password? Cross-posted RACF-L and IBM-MAIN Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN