Service Tools Security Enhancements

Content

• The "Password expiration interval" attribute was added to the Create Service Tools User ID (CRTSSTUSR), Change Service Tools User ID (CHGSSTUSR), and Display Service Tools User ID (DSPSSTUSR). This attribute allows the password expiration interval for an SST user to be set to a different value than the SST password expiration interval security attribute.

• The following SST attributes were added to the Change SST Security Attributes (CHGSSTSECA) and Display SST Security Attributes (DSPSSTSECA) commands:
  • Duplicate password control
  • Allow add of digital certificates
  • Allow service tools user ID with default and expired password to change its own password
  • Maximum sign-on attempts
  • Password expiration interval
  • Allow add and remove of password exit programs (new)

• The remaining attributes continue to be managed in SST. The new SST attribute “Allow add and remove of password exit programs” controls whether new exit programs are allowed to be added to, or existing exit programs are allowed to be removed from, the QIBM_QSY_VLD_PASSWRD and QIBM_QSY_CHK_PASSWRD exit points.