friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8826eae394
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahq_5.4.0.1/rzahqtpwpi.htm

85 lines
5.2 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-09-13" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Password problems</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="rzahqtpwpi"></a>
<h3 id="rzahqtpwpi">Password problems</h3>
<p>Previously, all characters that were allowed in i5/OS passwords were also
allowed in Windows passwords. Now, i5/OS allows longer passwords and more
characters than Windows supports. You should use i5/OS passwords containing
only characters and password lengths allowed in Windows passwords if you want
to enroll users. More i5/OS password level security information may be found
in the Planning Password Level Changes section of the <a href="../books/sc415302.pdf" target="_blank">iSeries Security Reference</a>
<img src="wbpdf.gif" alt="Link to PDF." />.</p>
<p>If a password keeps expiring each day after being changed from the integrated
server console, it means that the user forgot that the password must be changed
from i5/OS. Changing the i5/OS password eliminates the problem.</p>
<p>If the i5/OS and Windows server passwords do not match, perform these tasks
to determine why.</p>
<ol type="1">
<li>Check to see if the user is configured as a Windows user. See <a href="rzahqencco.htm#rzahqencco">Types of user configurations</a>.
<ol type="a">
<li>On the i5/OS command line, type <tt>WRKUSRPRF</tt>.</li>
<li>Type in the correct UserID.</li>
<li>Check to see if the attribute <tt>LCLPWDMGT</tt> (Local
password management) is set to *NO. If so the user is configured to have an
i5/OS password of *NONE and the i5/OS and Windows passwords will not be the
same.</li></ol></li>
<li>Check to see that i5/OS is set to store passwords:
<ol type="a">
<li>On the i5/OS command line, type <tt>WRKSYSVAL SYSVAL(QRETSVRSEC)</tt>.</li>
<li>Enter a <tt>2</tt> in the <tt>Option</tt> field; press Enter.</li>
<li>Verify that <tt>Retain server security data</tt> is
set to <tt>1</tt>. If it is not, change it to <tt>1</tt>.</li></ol></li>
<li>On the integrated Windows server, make sure that the User Administration
Service is running. See <a href="rzahqtrepi.htm#rzahqtrepi">Failures enrolling users and groups</a> for related information.</li>
<li>Check to see the i5/OS password support level:
<ol type="a">
<li>On the i5/OS command line, type WRKSYSVAL SYSVAL(QPWDLVL).</li>
<li>Enter a 5 in the Option field; press Enter.</li></ol>
<p>The password level of i5/OS can be set to allow user profile passwords
from 1 - 10 characters or to allow user profile passwords from 1 - 128 characters.
The i5/OS password level of 0 or 1 supports passwords from 1 - 10 characters
and limits the set of characters. At level 0 or 1, i5/OS will convert passwords
to all lowercase for Windows server. The i5/OS password level of 2 or 3 supports
passwords from 1 - 128 characters and allows more characters including upper
and lower case characters. At level 2 or 3, i5/OS will preserve password case
sensitivity for Windows server. A change to the i5/OS password level takes
effect following an IPL.</p></li>
<li>Check the enrollment status of the user. Make sure the user did not already
exist in the Windows environment with a different password before you attempted
to enroll the user (see <a href="rzahqenspi.htm#rzahqenspi">Enroll a single i5/OS user to the Windows environment using iSeries Navigator</a>). If the user did exist
with a different password, enrollment will have failed. Change the Windows
password to match the i5/OS password; then perform the enrollment procedure
again.</li>
<li>If the problem still persists, check the technical information databases
at the
<img src="eserver.gif" alt="IBM branded eserver" /><a href="http://www.ibm.com/eserver/iseries/support/">IBM iSeries Support Web
page</a>
<img src="www.gif" alt="Link outside Information Center." />. If you cannot find the solution there,
contact your technical support provider.</li></ol>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink