MSG FOTS4292 after applying APAR OA66005

General discussion of the Co:Z Toolkit
Post Reply
kdl1985
Posts: 16
Joined: Thu Sep 22, 2011 2:33 pm

MSG FOTS4292 after applying APAR OA66005

Post by kdl1985 »

We use CozLauncher to invoke commands on a Windows server and we used the following syntax to specify the domain / user name:

ARGS='-LI domain&user@servername'

After the installation of APAR OA66005 the job fails with message:

FOTS4292 remote username contains invalid characters

IBM OpenSSH has indicated that they consider the "&" to be an invalid character and we have not been able to determine a method to pass the domain and user name in the ARGS.

Does anyone have any suggestions on how to get this to work with the new standard?

Thank you,
Kevin
dovetail
Site Admin
Posts: 2025
Joined: Thu Jul 29, 2004 12:12 pm

Re: MSG FOTS4292 after applying APAR OA66005

Post by dovetail »

I believe that Windows supports the syntax user@domain

So, try:

ARGS='-LI user@domain@servername'
kdl1985
Posts: 16
Joined: Thu Sep 22, 2011 2:33 pm

Re: MSG FOTS4292 after applying APAR OA66005

Post by kdl1985 »

Thank you for the response.

We tried the "@" and we no longer receive the FOTS4292 error, since @ is considered a valid character. We were still unable to get authenticated.

We had originally issued the following to create the domain / user name combination:

mkpasswd -l > /etc/passwd
mkpasswd -u USERNAME -D DOMAINNAME -S '&' >> /etc/passwd

mkgroup -l > /etc/group
mkgroup -D -S '&' >> /etc/group

We are going to repeat the steps using "+" instead of "&" since we found a reference that "+" is the domain name / user name separator for Unix/Linux.

We have verified that openSSH considers "+" to be a valid character.

Thank you,
Kevin
kdl1985
Posts: 16
Joined: Thu Sep 22, 2011 2:33 pm

Re: MSG FOTS4292 after applying APAR OA66005

Post by kdl1985 »

Using "+" as the separator resolved our problem:

mkpasswd -l > /etc/passwd
mkpasswd -u USERNAME -D DOMAINNAME -S '+' >> /etc/passwd

mkgroup -l > /etc/group
mkgroup -D -S '+' >> /etc/group

ARGS='-LI domain+user@servername'

After the application of IBM APAR OA66005, "&" was no longer considered a valid character. Changing to use a "+" instead of "&" resolved the problem.
Post Reply