Passphrase

User Administration functions for modifying a user’s passphrase.

UserAdmin.set_passphrase() 



def set_passphrase(
    self,  userid: str, passphrase: str, expired: Union[bool, None] = None
) -> Union[dict, bytes]:

📄 Description

  • pyRACF encodes the data it passes to RACF in Code Page IBM-1047.
  • If you are entering a passphrase with special or national characters, users logging on from terminals using differnt or international codepages may experience errors.
  • Please consult a list of invariant characters to use for such passphrases or phrases if this applies to you.

 

  • All occurances of the specified passphrase in the returned Security Result Steps dictionary or Concatenated Security Request XML bytes are redacted.
  • When the debug class attribute is True, all occurances of the specified passphrase will be redacted in debug messages produced by this function.

 

Set a user’s passphrase.

📥 Parameters

  • userid
    The z/OS userid of the user whose passphrase is being set.

  • passphrase
    The passphrase to set for the specified user or False to delete the current value.

  • expired
    A boolean toggle that is used to determine whether or not the user’s passphrase should be set as expired, meaning that the user will be required to change their passphrase on next logon. If this argument is not provided, RACF will set the user’s passphrase as expired by default.

📤 Returns

  • Union[dict, bytes]
    Returns a Security Result Steps dictionary or Concatenated Security Request XML bytes if the UserAdmin.generate_requests_only class attribute is set to True.

❌ Raises

  • SecurityRequestError
    Raises SecurityRequestError when the SAF Return Code of a Security Result is equal to 4.
  • DownstreamFatalError
    Raises DownstreamFatalError when the SAF Return Code of a Security Result is greater than 4.
  • AlterOperationError
    Raises AlterOperationError when the z/OS userid supplied cannot be altered because it does NOT exist.

💻 Example

Python REPL 
>>> from pyracf import UserAdmin
>>> user_admin = UserAdmin()
>>> user_admin.set_passphrase("squidwrd", "PassPhrasesAreCool!")
{'step1': {'securityResult': {'user': {'name': 'SQUIDWRD', 'operation': 'set', 'requestId': 'UserRequest', 'info': ['Definition exists. Add command skipped due  to precheck option'], 'commands': [{'safReturnCode': 0, 'returnCode': 0, 'reasonCode': 0, 'image': 'ALTUSER SQUIDWRD  PHRASE    (********)'}]}, 'returnCode': 0, 'reasonCode': 0, 'runningUserid': 'testuser'}}}
Security Result Steps Dictionary as JSON 
{
  "step1": {
    "securityResult": {
      "user": {
        "name": "SQUIDWRD",
        "operation": "set",
        "requestId": "UserRequest",
        "info": [
          "Definition exists. Add command skipped due  to precheck option"
        ],
        "commands": [
          {
            "safReturnCode": 0,
            "returnCode": 0,
            "reasonCode": 0,
            "image": "ALTUSER SQUIDWRD  PHRASE    (********)"
          }
        ]
      },
      "returnCode": 0,
      "reasonCode": 0
    }
  }
}