Using password phrases with shared downlevel systems

When you share the RACF® database and assign password phrases, it is important that each system sharing the RACF database runs a level of RACF that supports password phrases.

If you share the RACF database with a downlevel system that does not support password phrases, the following restrictions apply.

Restrictions:

If you issue the LISTUSER command or execute the database unload (IRRDBU00) utility from a downlevel system, neither indicates the presence of a password phrase assigned from an uplevel system.
If you issue the ALTUSER command from a downlevel system to change the password of a user who is assigned a password phrase, the PASSPHRASE attribute is removed from the user's profile.
The user can still use the password phrase on an uplevel system, but if you issue the LISTUSER command or execute the database unload (IRRDBU00) utility from an uplevel system, neither indicates the presence of a password phrase for this user. An authorized user can restore the PASSPHRASE attribute only by issuing the ALTUSER command from the uplevel system to assign another password phrase to the user.
Users who are assigned a password phrase cannot issue the PASSWORD command from a downlevel system to change their own passwords. When issued, the PASSWORD command fails with the following message:
```
ICH08008I userid NOT DEFINED TO USE A PASSWORD
```
Users can still use their passwords on both uplevel and downlevel systems, and use their password phrases on uplevel systems. The passwords of users with a password phrase can be successfully changed on uplevel systems, or in the following ways on downlevel systems:
- Users change their own passwords at logon time, depending on the application.
- An authorized user can change the passwords by issuing the ALTUSER command from the uplevel system.