11.4 The ASCTEST Command

The ASCTEST command allows you to check z/OS Platform Services Process functions from an z/OS TSO session. SAMPLIB member ASCTEST can be used to run this command as a batch job.

You can use ASCTEST for

NOTE:If you set up test cases in eDirectory, keep in mind that if your replicas exist on multiple servers, it can take a few minutes for a change (resetting a password, disabling a user, etc.) to be propagated to the other replicas. This can cause such updates to appear to be delayed.

11.4.1 ASCTEST Requirements

ASCTEST is provided in the z/OS Platform Load Library as part of the Platform Services distribution. Two functions of ASCTEST require APF authorization: CHKPSWD and CHGPSWD. To APF-authorize ASCTEST, add ASCTEST as an authorized TSO command to SYS1.PARMLIB(IKJTSO xx) on the AUTHCMD NAMES(...) statement. For details, see Step 3.

11.4.2 ASCTEST Functions

You can run any of these functions at any time. If the Platform Services Process is not running, you receive a message to that effect. The results of CHKPSWD and CHGPSWD requests appear in ASCLIENT's log as well.

Status

ASCTEST STATUS

STATUS returns information about an active Platform Services Process. STATUS does not call the Platform Services Process but finds its environment data and reports it.

Exclude Test

ASCTEST EXCTEST( userid)

EXCTEST checks a user ID against the active exclude list and reports whether the user ID would be excluded from Authentication Services or not. EXCTEST does not call the Platform Services Process, but finds the its exclude list and checks the specified user ID against it.

Check Password

ASCTEST CHKPSWD( userid/ password) [ LOOP( count) ]

CHKPSWD calls the Platform Services Process with a user ID and password to be validated and reports the results and the elapsed time of the request. To repeat a request, use the LOOP parameter.

NOTE:The Core Driver treats these requests as real authentications and acts accordingly. For example, a series of consecutive invalid passwords against one user ID can cause intruder detection to be tripped for that user.

Change Password

ASCTEST CHGPSWD( userid/ oldpswd/ newpswd)

CHGPSWD calls the Platform Services Process with a user ID, a current password, and a new password, then reports the results and elapsed time for the request. The password rules that apply to the user ID's corresponding User object are applied so that the new password is rejected if it does not satisfy the rules defined to eDirectory.