Top Secret what is MFA and SESSKEY on LIST DATA for ACID
search cancel

Top Secret what is MFA and SESSKEY on LIST DATA for ACID

book

Article ID: 185681

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

What is  MFA and SESSKEY is on LIST DATA?    Here is how it is defined:  

LIST DATA  = *ALL*,PROFILES,PASSWORD,SESSKEY,MFA      

 

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

Multi-factor Authentication (MFA)
To list the portion of an ACID record that contains factor authentication data , issue the following command. Administrative ACIDs need DATA( MFA ) authority to perform this listing.
TSS LIST( acid) DATA( MFA ) 
DATA( MFA ) Displays the portion of the ACID record that contains defined factors, factor authentication details, and data elements.

example:
TSS LIST(CASSIE) DATA(MFA)
ACCESSORID = CASSIE NAME = CASSIE E. KOT
---------- SEGMENT MFA
PWFALLBACK = NO
FACTOR = CAPAM_PIVCAC0
MFACTIVE = YES
TAGS = PAMNAME:CN=PIVKey 1122334455667788991010111112121313

SESSKEY
Specifies an up to 16-character hexadecimal "password" that is unique to
each application defined by a PSTKAPPL keyword in the NDT Record.
Must supply a SESSKEY with PSTKAPPL.

Normally referring to SESSKEYs for passtickets in the NDT
ex
TSS ADDTO(NDT) PSTKAPPL(applname) SESSKEY(key-descr)

TSS LIST(NDT) DATA(SESSKEY) will show all the PSTKAPPLs in the NDT
with the SESSKEY.

Powered by Wolken Software