HCPLGA059E XAUTOLOG failed for VMX$0001 - incorrect password

Document ID : KB000054793
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

During VM:Secure initialization a prompt is given asking for a logon password;
VMXRPI104R Enter logon password.
Whatever is entered fails with HCPLGA059E XAUTOLOG failed for VMX$0001 - incorrect password.
VM:Secure won't initialize due to this.

Solution:

VM:Secure's RULES disk was not accessed and that is what caused the errors at initialization.
Rules were configured in the CP nucleus, but the facility was not turned on in
the VM:Secure service machine due to the RULES disk not being accessed.
The ACCESS RULES record in the VM:Secure PRODUCT CONFIG was commented out.
Once the ACCESS RULES record was uncommented, VM:Secure could successfully autolog
the servant and would successfully initialize.
VM:Secure Rules Facility documentation in the Rules Facility Guide indicates you can
disable rules by commenting out the ACCESS RULES record in the PRODUCT CONFIG file even
when you have generated a CP Nucleus with VM:Secure rules logic.
This is true, but only if you are not using the VM:Secure Servant Facility.

VM:Secure creates the servants every time you initialize so there will be a different
password for the servant(s) on every initialization so it is impossible to capture a
correct password for the servants. This is normally not a problem because the CP logic
(when rules are running in the server) has logic that specifically allows the VM:Secure
service virtual machine to do some requests to support it's normal processing.
The XAUTOLOG for the servants would come under this category and thus, normally the password is not needed.
However, since rules were not running on the server, the CP logic 'defers to CP' for the request
processing and prompts for the password during the XAUTOLOG.
To run with servants and allow rules to be temporaritly turned off,
add the following CPACTION record to the VMXRPI CONFIG:
CPACTION VMSECURE ACCEPT NOPASS
You will need to re-run VMXCPG and regenerate your CP nucleus to incorporate the
added CPACTION record. This CPACTION record would allow the VM:Secure service virtual
machine VMSECURE to autolog the servants when rules are not turned on by the ACCESS RULES
record in the PRODUCT CONFIG file.