A Developer is building an application to help the TSO user to reset his/her TSO password on Mainframe z/OS.

The application connects to CA-LDAP to interface with CA-TSS on z/OS.

The developer is claiming that not all attributes are returned from command like “TSS LIST(CS9050) DATA(ALL,PASSWORD,EXPIRE) FORMAT” issued by application.

More specifically, attributes expireNow or userPassword.

Release : 15.0

Component : CA LDAP Server

You can only see what you are authorized to see DATA(xxx), so yes on DATA(PASSWORD)

userPassword will NEVER be shown via LDAP.

If you can't see in TSO then LDAP can't display it either