LDAP logon with passphrase
Article ID: 115440
Updated On:
Products
Top Secret
Top Secret - LDAP
Issue/Introduction
need to know how we can provide a passpharse during logon via LDAP onto our TSS
We are migrating from password to pasphrase soon i need to know how we can provide a passpharse during logon via LDAP onto our TSS.
We are migrating from password to pasphrase soon i need to know how we can provide a passpharse during logon via LDAP onto our TSS.
Environment
z/os
Resolution
CA Top Secret Password and Pass Phrase controls determine what the max length is, what characters are supported, etc..
CA LDAP just passes whatever is sent and TSS will verify/reject what was given to it by LDAP.
So, it is dependent on the Top Secret passphrase control options that have been set.
The following link shows the objectclass for PHRASE.
You should be able to do exactly the same thing with Passphrases as you
are doing with Passwords.
https://docops.ca.com/ca-system-z-security-communication-servers-dsi-ldap-pam/15-1/en/configuring/configuring-ca-ldap-server/configure-the-catss_utf-backend/user-friendly-name-override-file-ca-top-secret-to-ca-ldap-server/objectclass-tssacid-tssprofile-tssdept-tssdiv-tsszone-tssgroup
CA LDAP just passes whatever is sent and TSS will verify/reject what was given to it by LDAP.
So, it is dependent on the Top Secret passphrase control options that have been set.
The following link shows the objectclass for PHRASE.
You should be able to do exactly the same thing with Passphrases as you
are doing with Passwords.
https://docops.ca.com/ca-system-z-security-communication-servers-dsi-ldap-pam/15-1/en/configuring/configuring-ca-ldap-server/configure-the-catss_utf-backend/user-friendly-name-override-file-ca-top-secret-to-ca-ldap-server/objectclass-tssacid-tssprofile-tssdept-tssdiv-tsszone-tssgroup
Feedback
Yes
No
Powered by
