HPE Community
Operating System - OpenVMS
1753994 Members
7500 Online
108811 Solutions
New Discussion юеВ

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

 
Peter_364
Advisor

тАО02-06-2008 01:44 AM

тАО02-06-2008 01:44 AM

PWDMIX and SYS$ACMW on VMS 7.3-2?

Hello,

Trying to use characters supported by PWDMIX flag in UAF but does not seem to be accepted by SYS$ACMW service ACME$FC_CHANGE_PASSWORD, unable to find any updated information if SYS$ACMW does support any characters except captials and $ _

Anyone who know exactly the current status?
0 Kudos
7 REPLIES 7
John Gillings
Honored Contributor

тАО02-06-2008 04:40 PM

тАО02-06-2008 04:40 PM

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

Peter,

I didn't think ACME support on V7.3-2 was anything more than limited, or even only latent. Have you tried it on V8.2 or V8.3?

(remember V7.3-2 is getting quite old, and ACME is much younger)
A crucible of informative mistakes
0 Kudos
Richard W Hunt
Valued Contributor

тАО02-07-2008 09:42 AM

тАО02-07-2008 09:42 AM

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

I haven't tried this via ACM service calls, so I have to ask someone who maybe knows: Does SET PASSWORD use SYS$ACMx services? Or does SYS$ACMx for changing passwords use SET PASSWORD in some way?

I have tested PWDMIX and SET PASSWORD on OVMS 7.3-2 with a simple-minded policy routine. That works well if you just remember that your old password (entered before PWDMIX was set) appears to be all upcase even if you entered it in lowercase.

If SET PASSWORD and SYS$ACM have no common code, then sorry for adding a little fog to the landscape.
Sr. Systems Janitor
0 Kudos
Peter_364
Advisor

тАО02-07-2008 11:20 AM

тАО02-07-2008 11:20 AM

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

John,

Maybe you should see the OpenVMS System Services Reference Manual for 7.3-2 (final) to refresh your memory a bit?

The SYS$ACM[E] System Service seems to be added at VMS 7.3-1 and updated 7.3-2 and so on until 8.3.

But there seems to be an mismatch between PWDMIX and lowercase support for SYS$ACM calls.

Peter
0 Kudos
John Gillings
Honored Contributor

тАО02-07-2008 09:40 PM

тАО02-07-2008 09:40 PM

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

Peter,

I thought V7.3-1 and -2 had a kind of "Early Adopter" status, and even in V8.2 and V8.3, ACME isn't yet "complete" - still some work to do in implementing agents?

Anyway, what I've been able to find is this comment:

"ACME$_NEW_PASSWORD_1
The ACME$_NEW_PASSWORD_1 item code is an input item code. It specifies the new primary password for a password change operation. The buffer must contain a password string. The case of this string will be preserved in delivery to ACME agents. Each ACME agent has its own policy regarding whether password strings are treated in a case sensitive or a case-insensitive manner."

(similar text about case sensitivity for several other password related items)

So that leads to the question about what ACME agent is receiving your change password request, and how it determines case sensitivity?

Have you tried your code on V8.2 or V8.3?
A crucible of informative mistakes
0 Kudos
Peter_364
Advisor

тАО02-08-2008 01:53 AM

тАО02-08-2008 01:53 AM

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

Yes, it works on VMS 8.3, the same program returns:

$ run SYS$ACMW2
Old password: **********
New password: **********
Verification: **********
%ACME-E-PWDINVCHAR, password contains invalid characters

When using lowercase characters and works using capitals, the documentation is the same in 7.3-2 and 8.3

0 Kudos
Ian Miller.
Honored Contributor

тАО02-08-2008 02:56 AM

тАО02-08-2008 02:56 AM

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

I don't thik that SET PASSWORD uses $ACM system service to at least V8.3 and perhaps not even then.

____________________
Purely Personal Opinion
0 Kudos
Peter_364
Advisor

тАО02-11-2008 11:31 PM

тАО02-11-2008 11:31 PM

Re: PWDMIX and SYS$ACMW on VMS 7.3-2?

On VMS 7.3-2 lowercase characters passed to SYS$ACM returns invalid characters error message, while on VMS 8.3 it does not, it is no difference in manuals. I guess that it's a bug in VMS 7.3-2 or something else that prevent it from acting as it should.

Thanks..
/Peter
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.