IBM Mainframe Forum Index
 
Log In
 
IBM Mainframe Forum Index Mainframe: Search IBM Mainframe Forum: FAQ Register
 

password expiry notification


IBM Mainframe Forums -> TSO/ISPF
Post new topic   This topic is locked: you cannot edit posts or make replies.
View previous topic :: View next topic  
Author Message
kcs4u2004
Warnings : 1

New User


Joined: 21 Apr 2008
Posts: 56
Location: Chennai

PostPosted: Tue Feb 22, 2011 7:20 am
Reply with quote

when we are logging into mainframe screen we are getting the password pop up message such as " Password is about to expire in 7 days" when the expiry date approaches. I want to send this message as a email notification to the user. Could anybody please shade some light on this how can I do that.
Krish
Back to top
View user's profile Send private message
dick scherrer

Moderator Emeritus


Joined: 23 Nov 2006
Posts: 19244
Location: Inside the Matrix

PostPosted: Tue Feb 22, 2011 9:15 am
Reply with quote

Hello,

Possibly there is something i misunderstand, but for this message to be generated, the user is currently logging onto the system - are they not? This is when the message would be displayed?

Why not instruct them to change their password any time after the message first appears and before the "timeout" expires? This could be sent as an e-mail to the entire organization (if this is really causing confusion).
Back to top
View user's profile Send private message
Robert Sample

Global Moderator


Joined: 06 Jun 2008
Posts: 8696
Location: Dubuque, Iowa, USA

PostPosted: Tue Feb 22, 2011 9:21 am
Reply with quote

The password expiration message is generated by the site security package (such as RACF). Unless you've updated the profile for every person using your site's mainframe, just what email address would be used? Answer: since the site security package doesn't typically store one, there is no email address to send a notification to.

As Dick said, the notification is on the mainframe for a reason -- don't try to do things that would be very difficult when easy ways are available.
Back to top
View user's profile Send private message
kcs4u2004
Warnings : 1

New User


Joined: 21 Apr 2008
Posts: 56
Location: Chennai

PostPosted: Tue Feb 22, 2011 9:37 am
Reply with quote

Hi Dick,

Thanks for you reply.
Your option has been explored,but the users are not following that ,To say in detail "we support the business users(ADMIN part) where we have to reset their password,create/Delete/Modify User ID,but the screen used to do these activities are developed in Rexx .
Now the users are very high and they just ignore the console message to reset when it is about to expire,for that reason we have to send email notification,so that they will be aware of that.

Thanks,
Krush
Back to top
View user's profile Send private message
dick scherrer

Moderator Emeritus


Joined: 23 Nov 2006
Posts: 19244
Location: Inside the Matrix

PostPosted: Tue Feb 22, 2011 10:13 am
Reply with quote

Hello,

Being "very high" has little to do with the situation. If they ignore a message that is directly in front of them on the screen, why would they also not ignore an e-mail?

Keep in mind that these people cannot be bothered to be part of the team so eliminating their calls for a reset is not on their list of priorities.

Hopefully, your management also has someone who is "very high" and may be enlisted to explain to their peers that if they take the 20 seconds to change their password, they will not lose time having to deal with the expired password.

Good luck icon_smile.gif
Back to top
View user's profile Send private message
expat

Global Moderator


Joined: 14 Mar 2007
Posts: 8797
Location: Welsh Wales

PostPosted: Tue Feb 22, 2011 1:11 pm
Reply with quote

If they ignore a system generated message, why do you suddenly believe they will adhere to a system generated email.

When they ring up, talk them through the password reset process so they will know what to do next time.

If they email, then send a base email telling them how to renew the password themselves.
Back to top
View user's profile Send private message
prino

Senior Member


Joined: 07 Feb 2009
Posts: 1306
Location: Vilnius, Lithuania

PostPosted: Tue Feb 22, 2011 4:08 pm
Reply with quote

What a load of bull!

Let it expire and the next time they log on, the system will force them to change their password!
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Tue Feb 22, 2011 4:29 pm
Reply with quote

Quote:
To say in detail "we support the business users(ADMIN part) where we have to reset their password,

what kind of utter stupidity is that...
the so called security support should reset a user password only after some paperwork and proper tracking,
sometimes only after the manager approval,
and anyway after a password reset the user will have to change his/her password
( in technical terms a resetted password is expired by definition )

Quote:
Now the users are very high and they just ignore the console message to reset when it is about to expire

again a truckload of horse manure
if they do not change the password when they get the initial <warning>
they will be sure forced to do so on the expiry date,
so why worry ?
it does not make any difference if Your users are high or low..
one thing for sure your understanding of things is pretty low icon_biggrin.gif
Back to top
View user's profile Send private message
Akatsukami

Global Moderator


Joined: 03 Oct 2009
Posts: 1788
Location: Bloomington, IL

PostPosted: Tue Feb 22, 2011 8:41 pm
Reply with quote

kcs4u2004 wrote:
Now the users are very high and they just ignore the console message to reset when it is about to expire

Well, tell those stoners to put down their bongs and read the fine console messages icon_super.gif
Back to top
View user's profile Send private message
Pedro

Global Moderator


Joined: 01 Sep 2006
Posts: 2546
Location: Silicon Valley

PostPosted: Tue Feb 22, 2011 8:51 pm
Reply with quote

A user with special authority can issue LISTUSER * command. Parse the command response for all USER=, PASSDATE=, and PASS-INTERVAL= values.

Compare passdate+ interval with the current date. When the expiration date approaches, send the email. The semi-hard part is to match the userid with an email address.
Back to top
View user's profile Send private message
dick scherrer

Moderator Emeritus


Joined: 23 Nov 2006
Posts: 19244
Location: Inside the Matrix

PostPosted: Tue Feb 22, 2011 10:28 pm
Reply with quote

Hi Pedro,

Quote:
The semi-hard part is to match the userid with an email address.
Ah, ever the optomist. . . icon_smile.gif

At my last several sites, practically impossible. . . icon_wink.gif

Oh, for the days when PROFS was the e-mail system. . .

d
Back to top
View user's profile Send private message
Pedro

Global Moderator


Joined: 01 Sep 2006
Posts: 2546
Location: Silicon Valley

PostPosted: Wed Feb 23, 2011 12:34 am
Reply with quote

Or you can change the logon proc as follows.

Add a new rexx program that issues LISTUSER &SYSUID and parses the command response for the PASSDATE=, and PASS-INTERVAL= values. If the password expiration date is near, display "You must change the password", wait several seconds, and then log them off. Perhaps add a prompt for email address and send them an email to explain why they got bounced. cc: to manager

In that way, the old password still works and it will not bother the sysadmin.

The main idea is to make it more than just another logon message that can be ignored.

Quote:
Ah, ever the optomist. . .

Yes, intentionally understated the problem. :-)
Back to top
View user's profile Send private message
enrico-sorichetti

Superior Member


Joined: 14 Mar 2007
Posts: 10872
Location: italy

PostPosted: Wed Feb 23, 2011 1:33 am
Reply with quote

Quote:
If the password expiration date is near, display "You must change the password", wait several seconds, and then log them off. Perhaps add a prompt for email address and send them an email to explain why they got bounced. cc: to manager


we are just wasting time here...
for what effing reason should anybody duplicate the work already being done by the security package installed!

RACF and friends already issue the message about the near expiration date!
what reason to change the password when at expiration date the user will be forced to change it ?
and the current password will keep working until expiration date

topic locked to prevent further silliness icon_biggrin.gif
Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   This topic is locked: you cannot edit posts or make replies. View Bookmarks
All times are GMT + 6 Hours
Forum Index -> TSO/ISPF

 


Similar Topics
Topic Forum Replies
No new posts FTP - connect with certificate, no pa... JCL & VSAM 1
No new posts Random Password (in string format) ge... COBOL Programming 10
No new posts REST API call - username and password... All Other Mainframe Topics 1
No new posts Need help in Finding who changed the ... JCL & VSAM 6
No new posts How to transfer file password protect... TSO/ISPF 9
Search our Forums:

Back to Top