search cancel

TicketExpiredException using CSM after converting to Advanced Authentication Mainframe (AAM) on an ACF2 system

book

Article ID: 187672

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC LDAP SERVER FOR Z/OS PAM CLIENT FOR LINUX ON MAINFRAME WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

CSM was converted to use Advanced Authentication Mainframe (AAM) on an ACF2 system for signons.

The initial logon to CSM works fine. When tab 'SMPE Environments' is clicked on, the following error shows up:


com.ca.mf20.zos.services.security.errors.TicketExpiredException: The CA CSM security manager does not contain the user's

login data. Log in to CA CSM with the valid password.                                                                               

  Attached Diagnostic Text:                                                                                                        

    The CA CSM security manager does not contain the user's login data. Log in to CA CSM with the valid password.                   

 

This happens with other tabs too.

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

The CA Chorus Software Manager has been enhanced to support Multi-Factor Authentication. Once MFA is enabled, the password field in the login dialog accepts more than eight characters including a passphrase. PassTickets need to be configured and enabled for CSM together with MFA.
 
Check with the CSM manuals for more information on the setup.