TSS ACID attribute mapping through CA-LDAP

book

Article ID: 193507

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP CA Web Administrator for Top Secret

Issue/Introduction

A Developer is building an application to help the TSO user to reset his/her TSO password on Mainframe z/OS.

The application connects to CA-LDAP to interface with CA-TSS on z/OS.

The developer is claiming that not all attributes are returned from command like “TSS LIST(CS9050) DATA(ALL,PASSWORD,EXPIRE) FORMAT” issued by application.

More specifically, attributes expireNow or userPassword.

 

Environment

Release : 15.0

Component : CA LDAP Server

Resolution

You can only see what you are authorized to see DATA(xxx), so yes on DATA(PASSWORD)

userPassword will NEVER be shown via LDAP.

If you can't see in TSO then LDAP can't display it either