Certificate Express Logon problem determination

If the client logon fails and displays the message ")USR.ID( NOT IN CP DIRECTORY", "INVALID USERID, )USR.ID(", "PASSWORD NOT AUTHORIZED" or any similar messages, check the tn3270 server log for details. Possible reasons for failures are:

• The application ID defined in the macro is not valid.
• The tn3270 server could not connect to DCAS. The host might be down.
• The client certificate is not defined in RACF or it is not valid.
• The passticket has expired and could not be used to log on.
• The tn3270 server completed scanning of data stream without replacing the user ID or password.
• The tn3270 server or the host does not support Certificate Express Logon.

Related topics:

• Express Logon overview
• Using Certificate Express Logon
• Telnet servers that support Certificate Express Logon
• Before configuring Certificate Express Logon
• Configuring Certificate Express Logon
• Recording multiple user IDs for a Certificate Express Logon macro
• Certificate Express Logon macro limitations
• Distributing a Certificate Express Logon macro
• Web Express Logon Reference