Can list NOPW users without MSCA authority in CA Top Secret 16.0?
Article ID: 186760
Updated On:
Products
Top Secret
Issue/Introduction
Although MSCA can list passwords of users who have NOPW, but is this feature still invalid for SCAs in CA Top Secret 16.0?
Environment
z/OS
Resolution
This an enhancement to CA Top Secret 16.0 by applied SO10461 and SO10967.
Authorized central security control ACID (SCAs) can now list users that possess NOPW. To perform the listing, the SCA must have USE access to TSSCMD.USER.LIST.NOPW in the CASECAUT resource class.
TSS PERMIT(sca acid) CASECAUT(TSSCMD.USER.LIST.NOPW) ACCESS(USE)
Authorized central security control ACID (SCAs) can now list users that possess NOPW. To perform the listing, the SCA must have USE access to TSSCMD.USER.LIST.NOPW in the CASECAUT resource class.
TSS PERMIT(sca acid) CASECAUT(TSSCMD.USER.LIST.NOPW) ACCESS(USE)
Additional Information
In listed output, the PASSWORD field displays a value (*NOPW*) only when a user is defined with NOPW. If the user has a password defined, the PASSWORD field is blank.
Feedback
Yes
No
Powered by
