ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

SOLVE/NetMaster MAI session using RSA Authentication/ Multi-Factor Authentication


Article ID: 207758


Updated On:


SOLVE: Access Session Management


We would like to confirm a few things in regards to RSA Authentication with NetMaster.

1 - Which format does the user need to follow for entering the RSA passcode on the NetMaster signon screen?
2 - In order for NetMaster to use MFA, do the following parms have to be set in the NMDRVCTL DD RUNSYSIN member?

- SEC=any value except NO, for example, NMSAF



Release : 5.0

Component : CA SOLVE:Access Session Management


Answer 1.

The format question is a question for your Security Team. The main thing from NetMaster side was to support passphrases which also caters for MFA tokens that can be >8 characters.

From the IBM User’s guide for MFA. Chapter 3 refers to TSO/E. Whatever works for TSO/E will work in SOLVE/NetMaster. It looks like the software generated token is the only value entered.



Answer 2.

All products have the same passphrase support which also enables use for MFA. SEC=NMSAF or SEC=NMSAFF must be used to accept credentials longer than 8 characters. XOPT=PWMIX is required. MFA values are typically entered 'as is'.

Please note: You must have the following PTF applied for SOLVE:Access Session Management to support password phrases and Multi-Factor Authentication (MFA).








Recommend reviewing our CA NETMASTER SHARED CONTENT LIBRARY 12.1 documentation, Section Multi-Factor Authentication (MFA) Password Support: