I have 3 files. CONFIG DATADVH CONFIG99 DATADVH CONFIGSS DATADVH
Out of the 3 files, 2 has PW_INTERVAL_FOR_SET= in it CONFIG DATADVH has it as PW_INTERVAL_FOR_SET= CONFIG99 DATADVH has it as PW_INTERVAL_FOR_SET= 90 I committed it out in CONFIG DATADVH did a DIRM RLDD & DIRM RLDC. It failed again with the following DVHREQ2288I Your ADD request for LXTEST2 at * has been accepted. DVHPWU3376E Days can not exceed the current password expire value of 0 DVHPWU3376E for user LXTEST2. DVHADD3212E Unexpected RC= 3376, from: EXEC DVHSTPWC ADD LXTEST2 CONFIG DVHREQ2289E Your ADD request for LXTEST2 at * has failed; with RC = DVHREQ2289E 3212. I restarted DIRMAINT and got the same results. Thanks Scott -----Original Message----- From: Linux on 390 Port [mailto:LINUX-390@VM.MARIST.EDU] On Behalf Of Alan Altmark Sent: Tuesday, October 06, 2015 2:21 AM To: LINUX-390@VM.MARIST.EDU Subject: Re: DIRM problem On Monday, 10/05/2015 at 01:42 EDT, Bruce Hayden <bjhay...@gmail.com> wrote: > What do you have for all the configuration variables that start with > PW_ in > your CONFIG99 DATADVH file? The expire days should be set by > PW_INTERVAL_FOR_SET= according to the documentation. I'm guessing it > is not the default value or at least greater than zero. > > But - you say you also have RACF. In that case, forget all of the PW_ > settings because RACF is the one that will be managing the passwords. You > set the password change interval, etc. using the RAC SETROPTS (set > RACF > options) command. Nah. DIRMAINT still keeps track of when passwords were changed via DIRMAINT. Tearing the problem apart... DVHADD3212E Unexpected RC= 3376, from: EXEC DVHSTPWC ADD LXTEST2 CONFIG This error is because there is a problem with the PW_INTERVAL_FOR_SET statement. A DIRM ADD, CHNGID, or SETPW command (ADD, in this case) attempted to set the password validity interval to a value that is higher than the interval from the PW_INTERVAL_FOR_GEN statement (2nd value). The default is 97 days. There is either a bug in the doc or a bug in the code. PW_INTERVAL_FOR_GEN is documented to have to values on it: The first value specifies the number of days a password is valid following one of the commands that set the password for a general user, the second value specifies the number of days a password is valid for a privileged user. The code doesn't do that. It assumes all users are general users as far as PW_INTERVAL_FOR_SET is concerned. I would do a DIRM CMS LISTFILE CONFIG* DATADVH * to see what configuration files are available. Then I would look in all of them for a PW_INTERVAL_FOR_SET statement. Not finding any, I would simply restart DIRMAINT. If you comment out a statement, RLDDATA won't always work since as far as it's concerned, nothing is overriding the existing value. You can just put a null value on it. PW_INTERVAL_FOR_SET= Alan Altmark Senior Managing z/VM and Linux Consultant Lab Services System z Delivery Practice IBM Systems & Technology Group ibm.com/systems/services/labservices office: 607.429.3323 mobile; 607.321.7556 alan_altm...@us.ibm.com IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ The information in this transmission may contain proprietary and non-public information of BB&T or its affiliates and may be subject to protection under the law. The message is intended for the sole use of the individual or entity to which it is addressed. If you are not the intended recipient, you are notified that any use, distribution or copying of the message is strictly prohibited. If you received this message in error, please delete the material from your system without reading the content and notify the sender immediately of the inadvertent transmission. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
