How can a password for a logonid be created so that it will never expire?

Document ID : KB000025211
Last Modified Date : 26/02/2019
Show Technical Document Details
Question:

How can a password for a logonid be created so that it will never expire?

 

Answer:

The MAXDAYS and LIDZMAX fields of the logonid can be used to make a user's password never expire.

When the MAXDAYS field of the user's logonid is set to 0 along with the LIDZMAX flag the user's logonid will never expire.

From TSO:
ACF
SET LID
CHANGE logonid MAXDAYS(0) LIDZMAX

MAXDAYS and LIDZMAX field descriptions from the ACF2 Administrator Guide, Maintaining Logonid Records Chapter:

MAXDAYS(days)
Specifies the maximum number of days (based on the date specified in the PSWD-TOD field) permitted between password changes before the password expires.

LIDZMAX | NOLIDZMAX
Specifies that a zero value for the MAXDAYS field in the LIDREC will override the global PSWDMAX value in the GSO PSWD record.

Note when MAXDAYS is set to zero, the MAXDAYS field will not be displayed when listing a logonid.
To list a logonid(s) that has MAXDAYS(0) there are two ooptions.

1) From TSO, ACF:

     ACF
     LIST like(logonid mask) IF(MAXDAYS=0)

2) Using the ACFRPTSL report. Sample JCL:

  //REPORT  EXEC PGM=ACFRPTSL         
  //SYSPRINT DD SYSOUT=*              
  //SYSIN    DD *                     
   TITLE(LIST LIDS WITH MAXDAYS 0)      
   INPUT(ACF2)                        
   REPORT(SHORT)                      
   SFLDS(MAXDAYS)                     
   IF(MAXDAYS EQ 0)                   
  /*                   

 

Additional Information:
For details on the logonid MAXDAYS and LIDZMAX fields see the CA ACF2 for z/OS  Administration Guide in Chapter 3: Maintaining Logonid Records section 'Logonid Record Fields'.