There was a recent thread on this very thing.
Basically it is recommended that you review
especially the section about:
Any client that uses password substitution will not work correctly at
QPWDLVL 2 if the client hasn't
been updated to use the new password (passphrase) substitution scheme. The
administrator should check
whether a client which hasn't been updated to the new password
substitution scheme is required.
The clients that use password substitution include:
v System i Access
v System i Host Servers
v System i NetServer Print support
v SNA LU6.2
So, what does that mean? Does that mean that one lpar using a DDM client
at 7.1, talking to a DDM server (also at 7.1) needs to have the 7.1 DDM
client updated to include the new password substitution scheme? Is it
solely updated by the virtue of being a 7.1 client and not some old V4R2
client (V4R2 picked at random)? Or is there some setup required to use
the "new password substitution scheme"?