ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Allow a PUSH Notification to the RADIUS Server Under the RADIUS_PASSWORD factor.

book

Article ID: 199752

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

Need to allow administration for a PUSH notification to the RADIUS Server under the RADIUS_PASSWORD factor when using Multi Factor Authentication with Top Secret.

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

Apply fix SO14730 to enable the ability administer PUSH notification for a RADIUS server when using MFA.

This enhancement provides the ability to pass a value of "PUSH" or some other user-defined value (such as SMS, PHONE, etc.) to a RADIUS server to invoke an automatic push or phone call to a mobile device. This feature works with the  MFA factor RADIUS_PASSWORD.                                                  
                                                                             
A new command keyword MFAPUSH was added with the syntax of:                  
MFAPUSH(NO|YES|string)                                                       
                                                                             
NO: Disables the "PUSH" value in the event that one was already assigned.    
YES: Automatically inserts the string "PUSH" in replace of a token value.    
String: Use for a value other than PUSH, like SMS, PHONE, or PHONE2.         
                                                                             
Command example:                                                             
TSS ADD(NADIA) MFACTOR(RADIUS_PASSWORD) MFADATA(RADIUSNAME:[email protected])        
MFACTIVE(FACILITY) MFAPUSH(YES)