Event ID - 6009

Event Id6009
SourceAS400 MDSI
DescriptionThe AS/400 in domain host security domain reports that the user username is unknown.
Event InformationAccording to Microsoft :

CAUSE
The problem occurs when the AS/400 system uses a Password Level (QPWDLVL) setting of 2 or of 3. The AS/400 system cannot decrypt the passwords that Host Integration Server 2000 includes in the Sign-On (X’1221’) General Data Stream (GDS) variable that is used to change passwords.
The password synchronization feature of Host Integration Server 2000 uses the Data Encryption Standard (DES) as the encryption mechanism when passwords are synchronized with IBM mainframes and with AS/400 iSeries systems.
On AS/400 systems that are running OS/400 V5R1 or a later version, the AS/400 expects passwords to be hashed by using Secure Hash Algorithm (SHA-1). These AS/400 systems that are running OS/400 V5R1 or a later version are configured with a Password Level (QPWDLVL) setting of 2 or of 3.

RESOLUTION
Complex changes would be required to support the SHA-1 hashing algorithm that is used by AS/400 systems that use Password Level (QPWDLVL) settings of 2 or of 3. Therefore, Host Integration Server 2000 will not be updated to support the password synchronization feature to an AS/400 when you use the increased password level.
If you have to synchronize passwords between a Windows-based system and an AS/400-based system by using Password Level (QPWDLVL) settings of 2 or of 3, Host Integration Server 2004 and Enterprise Single Sign-On (ESSO) can be used to provide this functionality. Enterprise Single Sign-On is included with Host Integration Server 2004 to provide support for enterprise-wide single sign-on solutions to non-Windows systems. This includes IBM mainframes and AS/400 systems.
Enterprise Single Sign-On also provides for password synchronization to non-Windows systems through password synchronization adaptors that are available from third-party independent software vendors (ISVs). Password synchronization adaptors for IBM mainframes and for AS/400 systems are currently available from Proginet Corporation.
Reference LinksMore Information

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh