ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Top Secret what is MFA and SESSKEY on LIST DATA for ACID?
Article ID: 185681
Updated On:
Products
Top Secret
Issue/Introduction
What is MFA and SESSKEY is on LIST DATA? Here is how it is defined:
LIST DATA = *ALL*,PROFILES,PASSWORD,SESSKEY,MFA
Environment
Release : 16.0
Component : CA Top Secret for z/OS
Resolution
Multi-factor Authentication (MFA)
To list the portion of an ACID record that contains factor authentication data , issue the following command. Administrative ACIDs need DATA( MFA ) authority to perform this listing.
TSS LIST( acid) DATA( MFA )
DATA( MFA ) Displays the portion of the ACID record that contains defined factors, factor authentication details, and data elements.
example:
TSS LIST(CASSIE) DATA(MFA)
ACCESSORID = CASSIE NAME = CASSIE E. KOT
---------- SEGMENT MFA
PWFALLBACK = NO
FACTOR = CAPAM_PIVCAC0
MFACTIVE = YES
TAGS = PAMNAME:CN=PIVKey EE228562B324B7438D6E995360323E2C
SESSKEY
Specifies an up to 16-character hexadecimal "password" that is unique to
each application defined by a PSTKAPPL keyword in the NDT Record.
Must supply a SESSKEY with PSTKAPPL.
Normally referring to SESSKEYs for passtickets in the NDT
ex
TSS ADDTO(NDT) PSTKAPPL(applname) SESSKEY(key-descr)
TSS LIST(NDT) DATA(SESSKEY) will show all the PSTKAPPLs in the NDT
with the SESSKEY.
To list the portion of an ACID record that contains factor authentication data , issue the following command. Administrative ACIDs need DATA( MFA ) authority to perform this listing.
TSS LIST( acid) DATA( MFA )
DATA( MFA ) Displays the portion of the ACID record that contains defined factors, factor authentication details, and data elements.
example:
TSS LIST(CASSIE) DATA(MFA)
ACCESSORID = CASSIE NAME = CASSIE E. KOT
---------- SEGMENT MFA
PWFALLBACK = NO
FACTOR = CAPAM_PIVCAC0
MFACTIVE = YES
TAGS = PAMNAME:CN=PIVKey EE228562B324B7438D6E995360323E2C
SESSKEY
Specifies an up to 16-character hexadecimal "password" that is unique to
each application defined by a PSTKAPPL keyword in the NDT Record.
Must supply a SESSKEY with PSTKAPPL.
Normally referring to SESSKEYs for passtickets in the NDT
ex
TSS ADDTO(NDT) PSTKAPPL(applname) SESSKEY(key-descr)
TSS LIST(NDT) DATA(SESSKEY) will show all the PSTKAPPLs in the NDT
with the SESSKEY.
Feedback
Yes
No
Powered by
