I agree with the others...
We just went straight from 1 to 3 several weeks back. It's really easy if you don't have custom sign on screens. IBM has some utilities to run so you can spot any potential issues.
Save yourself the headache and go straight to level 3.
My 2 cents..
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of gio.cot via MIDRANGE-L
Sent: Saturday, August 21, 2021 10:44 AM
To: 'Midrange Systems Technical Discussion' <midrange-l@xxxxxxxxxxxxxxxxxx>
Cc: gio.cot <gio.cot@xxxxxxxxxxx>
Subject: Planning password level changes (QPWDLVL to level 2)
Hi all
for obvious security reasons, I must as soon as possible change QPWDLVL to
value 2
I ask please, if possible, tell me what are the steps to follow to avoid
problems.
These are the steps that i would have thought to follow:
1. Savsecdta
2. DSPAUTUSR OUTPUT(*PRINT) and check for users that don't have that a
password that is usable at password level 2
3. Check QPWDVLDPGM system value must specify either *REGFAC or *NONE
4. Change system value QPWDLVL to 2
5. Powerdwnsys with restart *yes
Anyway i have these doubts:
1. In the iSeries Access for Windows login (we still use iSerie Access
for Windows and not ACS), the password field, is ready to accept 128
character ?
2. Which minimun iSeries Access for Windows version we need to use ?
3. In the pdf at this link
https://www.ibm.com/docs/en/ssw_ibm_i_72/rzarl/sc415302.pdf at page 222,
there is a list of clients that uses password substitution will not work
correctly at QPWDLVL 2 :
. TELNET
. IBM i Access
. IBM i Host Servers
. QFileSrv.400
. IBM i NetServer Print support
. DDM
. DRDA
. SNA LU6.2
How can i check if these clients are updated for QPWDLVL level 2?
IBM i Access is the same of iSeries Access for Windows ?
Thanks in advance
Gio
midrange.com
