A fix is available
APAR status
Closed as program error.
Error description
Given: - A RACF Userid with a default/expiring password (eg, the original); - That userid does a Logon with a PassTicket after the PASS-Interval. Catalyst: - RACF will save this PassTicket as the "password" in the IRRACEE object in VLF; - RACF will also save the userid's PASSDATE, which is x'00000F' (ie, never). Problem: on the next logon with the same PassTicket, RACF will: - find the VLF object, - validate the passticket as if it was a password, - and then check if the password is expired; based on PASSDATE and PASS-Interval, it is, and VERIFY returns RC8 RACFRC12 . Customers do not expect a Userid that is using Passtickets to ever be flagged as having an expired password. RACF needs to either not save the passticket or be able to denote the saved password data is actually a passticket so it can avoid the expiration check. Additional Symptoms: RC0C RC12 PASSINTERVAL PASSINT CMPLPSWD SPECIAL KEYWORDS: FIXCAT for AES
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: Applications issuing RACROUTE REQUEST=VERIFY * * for users using passtickets who have KDFAES * * passwords. * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: * **************************************************************** The passticket is incorrectly being processed when dealing with the VLF cache.
Problem conclusion
The code was updated to correctly process the passticket.
Temporary fix
Comments
APAR Information
APAR number
OA48304
Reported component name
RACF
Reported component ID
5752XXH00
Reported release
780
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-07-01
Closed date
2015-09-10
Last modified date
2015-10-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UA78943 UA78944 UA78945
Modules/Macros
ICHRIN00
Fix information
Fixed component name
RACF
Fixed component ID
5752XXH00
Applicable component levels
R7A0 PSY UA78943
UP15/09/23 P F509
R780 PSY UA78945
UP15/09/23 P F509
R790 PSY UA78944
UP15/09/23 P F509
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"780","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":null,"label":null},"Product":{"code":"SG19O","label":"APARs - MVS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"780","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
02 October 2015