For completeness, also through Facility IRR.PWRESET.OWNER or IRR.PWRESET.TREE or by being owner of the user profile, for ordinary userids. However userids with some powerful attributes, such as SPECIAL, OPERATIONS, AUDITOR and PROTECTED cannot be manipulated without having SPECIAL authority.
On Wed, Jan 12, 2022 at 9:41 PM Itschak Mugzach < 00000305158ad67d-dmarc-requ...@listserv.ua.edu> wrote: > Gadi, > > allow the user (that enter the command) to facility irr.password.reset > > *| **Itschak Mugzach | Director | SecuriTeam Software **|** IronSphere > Platform* *|* *Information Security Continuous Monitoring for Z/OS, zLinux > and IBM I **| * > > *|* *Email**: i_mugz...@securiteam.co.il **|* *Mob**: +972 522 986404 **|* > *Skype**: ItschakMugzach **|* *Web**: www.Securiteam.co.il **|* > > > > > > On Wed, Jan 12, 2022 at 12:28 PM Gadi Ben-Avi <gad...@malam.com> wrote: > > > Hi, > > I would like to allow a user that does not have the special or group > > special attribute to issue the following command succefully: > > alu uuuu password(xxxx) resume noexpire revoke ( 01/13/22 ) > > > > Is this possible? > > Right now the command fails with > > ICH408I USER(OP01 ) GROUP(OPER ) NAME(OPER-01 ) > > PARTIAL VIOLATION ON COMMAND ALTUSER > > > > > > We are running z/OS v2.4. > > > > Gadi > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN