Password

User Administration functions for modifying a user’s password.

UserAdmin.set_password() 



def set_password(
    self, userid: str, password: Union[str, bool], expired: Union[bool, None] = None
) -> Union[dict, bytes]:

📄 Description

  • pyRACF encodes the data it passes to RACF in Code Page IBM-1047.
  • If you are entering a password with special or national characters, users logging on from terminals using differnt or international codepages may experience errors.
  • Please consult a list of invariant characters to use for such passwords or phrases if this applies to you.

 

  • All occurances of the specified password in the returned Security Result Steps dictionary or Concatenated Security Request XML bytes are redacted.
  • When the debug class attribute is True, all occurances of the specified password will be redacted in debug messages produced by this function.

 

Set a user’s password.

📥 Parameters

  • userid
    The z/OS userid of the user whose password is being set.

  • password
    The password to set for the specified user or False to delete the current value.

  • expired
    A boolean toggle that is used to determine whether or not the user’s password should be set as expired, meaning that the user will be required to change their password on next logon. If this argument is not provided, RACF will set the user’s password as expired by default.

📤 Returns

  • Union[dict, bytes]
    Returns a Security Result Steps dictionary or Concatenated Security Request XML bytes if the UserAdmin.generate_requests_only class attribute is set to True.

❌ Raises

  • SecurityRequestError
    Raises SecurityRequestError when the SAF Return Code of a Security Result is equal to 4.
  • DownstreamFatalError
    Raises DownstreamFatalError when the SAF Return Code of a Security Result is greater than 4.
  • AlterOperationError
    Raises AlterOperationError when the z/OS userid supplied cannot be altered because it does NOT exist.

💻 Example

Python REPL 
>>> from pyracf import UserAdmin
>>> user_admin = UserAdmin()
>>> user_admin.set_password("squidwrd", "K29521IO")
{'step1': {'securityResult': {'user': {'name': 'SQUIDWRD', 'operation': 'set', 'requestId': 'UserRequest', 'info': ['Definition exists. Add command skipped due  to precheck option'], 'commands': [{'safReturnCode': 0, 'returnCode': 0, 'reasonCode': 0, 'image': 'ALTUSER SQUIDWRD  PASSWORD    (********)'}]}, 'returnCode': 0, 'reasonCode': 0, 'runningUserid': 'testuser'}}}
Security Result Steps Dictionary as JSON 
{
  "step1": {
    "securityResult": {
      "user": {
        "name": "SQUIDWRD",
        "operation": "set",
        "requestId": "UserRequest",
        "info": [
          "Definition exists. Add command skipped due  to precheck option"
        ],
        "commands": [
          {
            "safReturnCode": 0,
            "returnCode": 0,
            "reasonCode": 0,
            "image": "ALTUSER SQUIDWRD  PASSWORD    (********)"
          }
        ]
      },
      "returnCode": 0,
      "reasonCode": 0
    }
  }
}