Page 1 of 1

To change the mainframe password

PostPosted: Mon Jun 02, 2014 8:35 pm
by talhoo
Hi,
Can someone direct me to a sample code where i can change the mainframe password using a rexx.
Bascially ask the user the old password and then the new password, and then change it.

Thank you

Re: mainframe password

PostPosted: Mon Jun 02, 2014 9:05 pm
by steve-myers
In the RACF system there is a standard line mode command - PASSWORD - to do just that. Trying to put a Rexx shell around the PASSWORD command is foolish, probably dangerous, and unnecessary.

I don't know about CA-Top Secret and CA-ACF2. It has been 30+ years since I was an ACF2 user / administrator and my memories about it have faded. It has been just 6 years since I was a Top Secret user / administrator, but I don't recall anything like the RACF PASSWORD command.

Re: mainframe password

PostPosted: Mon Jun 02, 2014 9:52 pm
by enrico-sorichetti
Bascially ask the user the old password and then the new password, and then change it.


to change Your password You have to be logged on;
so no reason to ask for the old password again

but why ask on a forum rather than addressing the question to Your security support group.


if You have the business need to know/to do they will be glad to help You

Re: To change the mainframe password

PostPosted: Mon Jun 02, 2014 10:33 pm
by prino
talhoo wrote:Hi,
Can someone direct me to a sample code where i can change the mainframe password using a rexx.
Bascially ask the user the old password and then the new password, and then change it.

Thank you

If I were Alan Sugar, and this was "The Apprentice", the simple answer would be: "You are fired!"

Changing a password using REXX and asking the user to enter it in your code smells, at least to me, very much like "I'm going to collect passwords from the "Dumb (expletive deleted)" who fall for this scheme"...

Re: mainframe password

PostPosted: Mon Jun 02, 2014 11:47 pm
by steve-myers
enrico-sorichetti wrote:... to change Your password You have to be logged on;
so no reason to ask for the old password again ...
Actually, the RACF PASSWORD command wants you to enter your current password. Obnoxious? Yes. But if you've walked away from your terminal, and some one else then tries to change the password ...

Re: To change the mainframe password

PostPosted: Tue Jun 03, 2014 12:34 am
by enrico-sorichetti
the RACF PASSWORD command wants you to enter your current password.
:oops: :oops: :oops:
fingers faster than the brain

Re: To change the mainframe password

PostPosted: Tue Jun 03, 2014 12:42 am
by Pedro
I think the normal logon panel has a field for password and another field for new password. (at least, I think so. My site uses our own logon panel, so my recollection is foggy).

Just provide your user with instructions to change the password. As Enrico suggested, ask your security support group.

Re: To change the mainframe password

PostPosted: Tue Jun 03, 2014 7:00 am
by steve-myers
My last job used a session manager, which is where we usually changed the password when we logged on to the session manager. For all intents and purposes the session manager was the only entry to the multitude of "real" systems. The updated password was (usually) sent to the "real" systems. The session manager usually logged us on to the "real" systems.