Configuration File Reference › JOURNAL Record (CA VM:Secure only) › Description

Description

If you are using the Rules Facility with the JOURNAL record, the following invalid password conditions are monitored:

• Invalid logon passwords entered for the same user ID during LOGON processing
• Invalid logon passwords entered from the same device address during LOGON processing
• Invalid dial passwords entered from the same device address during DIAL command processing
• Invalid logon passwords entered during AUTOLOG or XAUTOLOG command processing
• Invalid link passwords entered during LINK command processing and LINK processing associated with Diagnose X’88’ sub-code X’04’ calls
• Invalid logon passwords specified during Diagnose X’A0’ sub-code 4 calls
• Invalid logon passwords specified during Diagnose X’88’ sub-code 8 calls
• Invalid logon passwords entered when issuing CA VM:Secure commands
• Invalid link password entered from the "Define a Link to Another User’s Minidisk" selection on the "User Selection Menu"

If you are not using the Rules Facility, only the last two invalid password conditions are monitored.

Separate journal counters are maintained for each monitored condition. The counters are reset to zero whenever a password is correctly entered or when CA VM:Secure is shut down; the appropriate counter is incremented by one whenever its password is incorrectly entered. If consecutive invalid attempts exceed the limit specified on this JOURNAL record, CA VM:Secure prevents further attempts until someone issues the JOURNAL command with the RESET parameter against that password, or issues the REST command.

When the limit of consecutive invalid logon attempts is reached, CA VM:Secure calls either the TERMPASS or USERPASS user exit, or both, if they are defined. Use both these user exits because they prohibit further attempts when the limit of invalid attempts is reached.