ICH301I MAXIMUM PASSWORD ATTEMPTS BY SPECIAL USER xxxxxxx
follows message 'ICH302D', to indicate that the Userid maximum number of password attempts has been reached. This problem only occurrs on a Userid defined with the SPECIAL attribute in RACF, and is due to a security exposure.
It also occurs on others Applications like the CA-TPX Session Manager or IBM's NVAS Session Manager. The CA Knowledge Base article KB000054554 is available for TPX information regarding this which gives more details as well as an IBM APAR for NVAS, although this should be cross checked on the IBM web site for current APARS.
This problem can fixed by one of the following methods :
- Reply to the ICH302D message manually or automatically by an Automation product.
- Change the the permissible number of password attempts using the following command:
- Remove the SPECIAL attribute from the Userid involved.