search cancel

Force Kerberos signons in Top Secret only!

book

Article ID: 202443

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

Is it possible to force a user to use only their Kerberos connection setup in the TSS SDT -vs- trying to connect with a password?

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

There is an attribute called PROTECTED. If a user is given this attribute, the user will loose their password and phrase. Documented at the following link.

Users with the PROTECTED attribute will no longer have the ability to signon with a phrase and password.

They still will be able to signon using other methods that dont require a password or phrase like Kerberos and digital certificates.