×
How are password threshold exceeded and password suspension events recorded in Compliance Manager?
Document ID :
KB000046979
Last Modified Date :
14/02/2018
Show Technical Document Details
Products
CA Compliance Manager for z/OS
Releases
CA Compliance Manager for z/OS:Release:2
Components
CA COMPLIANCE MANAGER FOR Z/OS:CACMGR
Question:
How are password threshold exceeded and password suspension events recorded in Compliance Manager?
Answer:
There is no administrative command being issued in Compliance Manager. What you see is a command representation of what happened being recorded to the recovery file in case you would have to perform forward recovery. Since a real command was not issued it cannot be captured in the account administration tables. The suspension is the result of a system access signon event, and in this case a signon violation event since the signon was unsuccessful. If you are recording these type of events, you should see a DRC (CODE1 field) of '1' for ACID suspended and a DRC of '27' (x'1B') for Password Violation Threshold Exceeded. If you are capturing these events then you can set an Alert for the DRC codes.
Was this information helpful?