We use CozLauncher to invoke commands on a Windows server and we used the following syntax to specify the domain / user name:
ARGS='-LI domain&user@servername'
After the installation of APAR OA66005 the job fails with message:
FOTS4292 remote username contains invalid characters
IBM OpenSSH has indicated that they consider the "&" to be an invalid character and we have not been able to determine a method to pass the domain and user name in the ARGS.
Does anyone have any suggestions on how to get this to work with the new standard?
Thank you,
Kevin
MSG FOTS4292 after applying APAR OA66005
Re: MSG FOTS4292 after applying APAR OA66005
I believe that Windows supports the syntax user@domain
So, try:
ARGS='-LI user@domain@servername'
So, try:
ARGS='-LI user@domain@servername'
Re: MSG FOTS4292 after applying APAR OA66005
Thank you for the response.
We tried the "@" and we no longer receive the FOTS4292 error, since @ is considered a valid character. We were still unable to get authenticated.
We had originally issued the following to create the domain / user name combination:
mkpasswd -l > /etc/passwd
mkpasswd -u USERNAME -D DOMAINNAME -S '&' >> /etc/passwd
mkgroup -l > /etc/group
mkgroup -D -S '&' >> /etc/group
We are going to repeat the steps using "+" instead of "&" since we found a reference that "+" is the domain name / user name separator for Unix/Linux.
We have verified that openSSH considers "+" to be a valid character.
Thank you,
Kevin
We tried the "@" and we no longer receive the FOTS4292 error, since @ is considered a valid character. We were still unable to get authenticated.
We had originally issued the following to create the domain / user name combination:
mkpasswd -l > /etc/passwd
mkpasswd -u USERNAME -D DOMAINNAME -S '&' >> /etc/passwd
mkgroup -l > /etc/group
mkgroup -D -S '&' >> /etc/group
We are going to repeat the steps using "+" instead of "&" since we found a reference that "+" is the domain name / user name separator for Unix/Linux.
We have verified that openSSH considers "+" to be a valid character.
Thank you,
Kevin
Re: MSG FOTS4292 after applying APAR OA66005
Using "+" as the separator resolved our problem:
mkpasswd -l > /etc/passwd
mkpasswd -u USERNAME -D DOMAINNAME -S '+' >> /etc/passwd
mkgroup -l > /etc/group
mkgroup -D -S '+' >> /etc/group
ARGS='-LI domain+user@servername'
After the application of IBM APAR OA66005, "&" was no longer considered a valid character. Changing to use a "+" instead of "&" resolved the problem.
mkpasswd -l > /etc/passwd
mkpasswd -u USERNAME -D DOMAINNAME -S '+' >> /etc/passwd
mkgroup -l > /etc/group
mkgroup -D -S '+' >> /etc/group
ARGS='-LI domain+user@servername'
After the application of IBM APAR OA66005, "&" was no longer considered a valid character. Changing to use a "+" instead of "&" resolved the problem.