Defects fixed in the IDM 4.0.2a release

RACF Driver Fixes

Small memory leak in SAFQUERY leads to growth in RACFDRV task when reading

only one attribute on a query.

An OC4 abend in RACFDRV (IKJEFTST), that can sometimes occur on shutdown on some

LPAR systems.

Query was not returning correct values for the following attributes:

DirXML-RACF-ovm-gid

DirXML-RACF-omvs-gid

Subscriber "Command" class would often execute invalid commands.

Password changes now support "NOEXPIRED":

- If no <password> element is present on the <add>, no password will

be sent to RACF and, instead, RACF will default it to the user's

default group, per the command documentation.

- If an empty <password> element is specified, then "NOPASSWORD" will be

appended to the ADDUSER command.

- If a <password> element is found with a value and ";expired" appended,

the value will be used for PASSWORD(value) on the ADDUSER, omitting

"UNEXPIRED", as to make it an expired password.

- A <password> with a normal text value, will assign a RACF password and

use the "NOEXPIRED" to create a password that is not expired.

Fixed an OC4 abend in SAFQUERY when invalid read-attrs are supplied.

Added query support for wildcards:

The following query doc:

<query scope="subtree" event-id="0">

<search-class class-name="User"/>

<search-attr attr-name="DirXML-RACF-userid">

<value>J*</value>

</search-attr>

<read-attr attr-name="DirXML-RACF-name"/>

</query>

Would return the NAME field for all RACF user profiles that start with "J".

The following keywords were not being published properly:

NOTERMUACC

GRPACC

NOGRPACC

i5os Driver

The 4.0.2 ISO contained i5osdrv.sav file from 3.6.1 media. This has been replaced with the correct version.