Top Secret what is MFA and SESSKEY on LIST DATA for ACID?
book
Article ID: 185681
calendar_today
Updated On:
Products
Top Secret
Issue/Introduction
What is MFA and SESSKEY is on LIST DATA? Here is how it is defined:
LIST DATA = *ALL*,PROFILES,PASSWORD,SESSKEY,MFA
Environment
Release : 16.0
Component : CA Top Secret for z/OS
Resolution
Multi-factor Authentication (MFA) To list the portion of an ACID record that contains factor authentication data , issue the following command. Administrative ACIDs need DATA( MFA ) authority to perform this listing. TSS LIST( acid) DATA( MFA ) DATA( MFA ) Displays the portion of the ACID record that contains defined factors, factor authentication details, and data elements.
example: TSS LIST(CASSIE) DATA(MFA) ACCESSORID = CASSIE NAME = CASSIE E. KOT ---------- SEGMENT MFA PWFALLBACK = NO FACTOR = CAPAM_PIVCAC0 MFACTIVE = YES TAGS = PAMNAME:CN=PIVKey EE228562B324B7438D6E995360323E2C
SESSKEY Specifies an up to 16-character hexadecimal "password" that is unique to each application defined by a PSTKAPPL keyword in the NDT Record. Must supply a SESSKEY with PSTKAPPL.
Normally referring to SESSKEYs for passtickets in the NDT ex TSS ADDTO(NDT) PSTKAPPL(applname) SESSKEY(key-descr)
TSS LIST(NDT) DATA(SESSKEY) will show all the PSTKAPPLs in the NDT with the SESSKEY.