A fix is available
APAR status
Closed as program error.
Error description
Use of ALTUSER EXPIRED keyword without setting a PASSWORD or PHRASE is not controlled through existing PWEXP policy
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: Users of zSecure Command Verifier exploiting * * policy profiles that control usage of the * * no-expired option * * (C4R.USER.PWEXP.<owner>.<userid>). * **************************************************************** * PROBLEM DESCRIPTION: zSecure command verified might not * * honor policy profiles controlling usage * * of the no-expired option * * (C4R.USER.PWEXP.<owner>.<userid>). * **************************************************************** * RECOMMENDATION: Apply the PTF provided. * **************************************************************** When zSecure Command Verified policy profiles controlling usage of the no-expired option (C4R.USER.PWEXP.<owner>.<userid>) are in effect and the ALTUSER command specifies the expiration option (NOEXPIRED/EXPIRED) without password specification, the aforementioned profiles are ignored so that the ALTUSER command is not controlled.
Problem conclusion
zSecure Command Verified has been modified so that the policy profiles that control usage of the no-expired option are handled in accordance to the documentation. 211Y 220Y C4RUPASS
Temporary fix
Comments
APAR Information
APAR number
OA50098
Reported component name
COMMAND VERIFIE
Reported component ID
5655T07CV
Reported release
211
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-03-09
Closed date
2016-03-30
Last modified date
2016-04-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UA81177 UA81178
Modules/Macros
C4RUPASS
Fix information
Fixed component name
COMMAND VERIFIE
Fixed component ID
5655T07CV
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRM9V","label":"IBM Security zSecure Command Verifier"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"211","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
28 June 2022