|
Help Desk Password Reset
|
 |
This question is answered.
|
|
Replies:
4
-
Pages:
1
-
Last Post:
Nov 19, 2009 3:57 PM
Last Post By: KentSM
|
|
|
Posts:
3
Registered:
Nov 06, 2009 10:26:18 AM
|
|
|
|
Help Desk Password Reset
Posted:
Nov 06, 2009 10:30:52 AM
|
|
|
|
Using Zsecure, how do I prevent the help desk people from resetting a password ID when the ID being reset has Special, Operations or Auditor. We are new to Zsecure.
|
|
Posts:
1
Registered:
Nov 22, 2008 07:46:38 AM
|
|
|
|
Re: Help Desk Password Reset
Posted:
Nov 11, 2009 10:35:27 PM
in response to: KentSM's post
|
|
|
|
Hi Kent,
At present, CKGRACF does not provide the ability to control password reset actions over userids with the Special, Operations and/or Auditor priviliges. You can control that via IRR.** profiles in the FACILITY class. See the RACF SAG chapter 25 for details. Make sure to use the SAG for z/OS 1.11 as that version is updated with information form APAR OA26302.
HTH,
Giovanni
|
|
Posts:
3
Registered:
Nov 06, 2009 10:26:18 AM
|
|
|
|
Re: Help Desk Password Reset
Posted:
Nov 12, 2009 08:17:30 AM
in response to: G. Cerquone's post
|
|
|
|
Giovanni, thanks for the reply. We are using ZOS 1.9 and had been using Vanguard as an admin product. I will check out the other avenues.
|
|
Posts:
17
Registered:
May 07, 2008 08:48:16 AM
|
|
|
|
Re: Help Desk Password Reset
Posted:
Nov 12, 2009 09:04:26 AM
in response to: KentSM's post
|
|
|
|
Kent, we protect 'special' folks by simply assigning them to a unique, administrative (#) owner group. In your policy profiles, prevent the helpdesk groups from being able to change the passwords for the 'special' groups.
Hope this helps,
Richard Klatt
|
|
Posts:
3
Registered:
Nov 06, 2009 10:26:18 AM
|
|
|
|
Re: Help Desk Password Reset
Posted:
Nov 19, 2009 03:57:39 PM
in response to: rj4ibm's post
|
|
|
|
Everyone, thanks for your help, as we do not have command verifier active yet we went through the CKG.SCP.G and CKG.SCP.ID type profiles. Our testing looks good so far.
Kent
|
|
|
|
|
