JOURNAL RESET

Document ID : KB000126759
Last Modified Date : 19/02/2019
Show Technical Document Details
Issue:
I'm having difficulty resetting a user for four (4) invalid logon attempts. There is a journal but it will not allow me to reset it or I'm not understanding the method to reset the number of invalid attempts. 

vmsecure journal list 
4 TUBES VALIDATE ANNIE  
Ready; 
vmsecure journal reset TUBES 

VMXPWJ0128E No matching journal information found. 
Ready(00024); 

vmsecure journal reset ANNIE   
VMXPWJ0128E No matching journal information found. 
Ready(00024);

 
Resolution:
VM:Secure creates journal entries when it detects a user entering an invalid password. If the number of consecutive invalid attempts exceeds the limit specified on the JOURNAL record in the SECURITY CONFIG file, VM:Secure prevents further attempts until the JOURNAL RESET command is issued. 
 

Your JOURNAL LIST shows:

vmsecure journal list 
1 L000B LOGON * 
1 L000B LOGONBY * 
3 * LOGONBY ANNIE  
4 TUBES VALIDATE ANNIE  
Ready; 


You must clear both the LOGONBY  and the VALIDATE as shown here:


VMSECURE JOURNAL RESET * LOGONBY L000B 
VMXPWJ1274I Normal completion. 
Ready; 

VMSECURE JOURNAL RESET TUBES VALIDATE ANNIE  
VMXPWJ1274I Normal completion. 
Ready;    


 

 
Additional Information:
The documentation for the VMSECURE JOURNAL command can be accessed at:

https://docops.ca.com/ca-vm-secure-for-z-vm/3-2/with-security-mgmt/en/reference/command-reference/journal-command