ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Support for ELF MFA RACF APAR OA53002 and SAF APAR OA53013

book

Article ID: 107468

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction



We are looking to test IBM Express Logon/MFA (Multi-Factor Authentication) for PIV smart card logon support. IBM indicated that the below support for SAF R_FACTOR Callable Service is required. Can you tell me if corresponding support has been added for Top Secret?

The required RACF support for the ELF / MFA integration is in the SAF R_Factor Callable service with function code: x'0006' – Get Cached Token Credential It was introduced in RACF with RACF APAR OA53002 & SAF APAR OA53013. RACF MFA APAR Doc: ftp://ftp.software.ibm.com/s390/zos/racf/pdf/oa48359.pdf

Environment

Top Secret r16.0 and MFA 1.2 or 1.3.

Resolution

Top Secret fix SO00132: SUPPORT FOR IBM MFA RADIUS FACTORS.