I thought was that the special characters of a new password phrase would be limited to those given in the PPSCHAR list. However TSS allows many more than that and returns RC=0 for a TSS Replace command. For example: PPSCHAR(*,&,:,-,#,_)
TSS REPLACE(xxxxxxx) PHRASE('N?*Te&t%1#t^rin:AL$n=e!45-Pa.s',30)
TSS0300I REPLACE FUNCTION SUCCESSFUL
Is this working as designed? Please clarify.
If the replace command is being issued by an ADMIN acid then they can replace the password/phrase with anything. The password/phrase rules are not in effect. Usually the REPLACE command has EXP on it such as: TSS REPLACE(xxxxxxx) PHRASE('N?*Te&t%1#t^rin:AL$n=e!45-Pa.s',30,EXP) This will cause the user to be prompted to change their password. The user (Acid TYPE=USER) will then have to abide by the new password/phrase rules.