Ellipse 5.2.3 Security Changes. Anybody have details??

[ozrockrat]

HI

I have heard that there have been some changes to user security in 5.2.3. Has anyone implemented this version or had anything to do with its design? I would be especially interested if anyone has back fitted it to the older versions of MIMS.

Thanks in advance.



Bevan Walsh
Professional Services Manager
Design & Report Teams UK Ltd
bevanw@designreports.co.uk

 

[blakej]

I have heard that the US MAC, has some requirements that added enhancements to Ellipse user secuirty.
A new flag in the system control called Advance User Secuity (AUS).
Some item include
- storing password history
- stricter password makeup
- changes to encryption algorithm
also our HR guy said there are changes for
employee authorities as well.

Just a warning, dont have a user with a blank password and turn AUS on - you will not be able to use that account.

All though we are not live on Ellipse 5.2.3 yet.
There was an issue with converting old password to new encrypted passwords. Mincom said there wasa "fix" - something about moving to MSF012 during conversion.

Also I heard rumours about LADP support in the future, using bypass welcome on non mainframe CICS installs.

 

[Glen]

Bevan,

The AUS required additional columns in the MSF020 table. I doubt that anyone has backfitted it.

Glen

Glen Colbert
gcolbert@rag-american.com

 

[oz1]

Has anyone got the full details, the security of 4.3.1 is so weak that if ellipes is not better we will have to put in our own mods in.