I have a ticket (01158607) open on this but am adding it here for community comment/feedback.
With GENSMSG(YES) message 'TSS7099E Signon credentials invalid' is sent to both the user and SYSLOG.
With GENSMSG(NO), the user gets messages 'TSS7101E Password is Incorrect' or 'TSS7145E Accessor ID Not Defined to Security' and message 'TSS7100E 009 J=KLSTSNEV A=acid T=TCP0020 F=VTP - Incorrect Password' or ' TSS7100E 070 J=jobname A=acid T=TCP0020 F=VTP - Undefined ACID' goes to the SYSLOG.
With GENSMSG(YES), if a someone has a correct user ID but exceed password attempts, they still get messages 'TSS7120E Password Violation Threshold Exceeded' and 'TSS7141E Use of Accessor ID Suspended' which tells them the
user ID was valid.
GENSMSG(YES) shouldn't change the messages that go to SYSLOG, only messages that go to user.