Re: Understanding QPWDLVL? . . . and my previous Tomcat query

On 5/23/14 11:39 AM, rob@xxxxxxxxx wrote:

Excellent description of that at
http://pic.dhe.ibm.com/infocenter/iseries/v7r1m0/topic/rzarl/sc415302.pdf
"Planning password level changes"

Telnet is specifically laid out as may be affected. Why?

<snip>
Any client that uses password substitution will not work correctly at
QPWDLVL 2 if the client hasn't
been updated to use the new password (passphrase) substitution scheme. The
administrator should check
whether a client which hasn't been updated to the new password
substitution scheme is required.
The clients that use password substitution include:
v TELNET

Hmm. Yet our own Java-based TN5250 client doesn't use password substitution at all, even for auto-signon (it was easier to simply SSL-enable it than to try and puzzle-out password substitution), and as to TELNET from one AS/400 to another, I've never used it with auto-signon, and in fact, up until a few minutes ago, I wasn't aware that it even had RMTUSR and RMTPWD parameters (and I note that, at least under V6, you can set RMTPWDENC according to what you're talking to). And our client products, even the ones that use Host Servers rather than our own proprietary servers, are already successfully communicating with boxes running QPWDLVL 2 (and maybe even 3), albeit with passwords of those users enrolled in client-server products restricted to 10-character, uppercase-only.

--
JHHL