ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Why, in the TSSUTIL report, is the SRC / DRC of *0C*-0A treated as a violation?

book

Article ID: 33222

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP

Issue/Introduction

Question:

 

Why, in the TSSUTIL report, is the SRC / DRC of *0C*-0A treated as a violation?
 
This is obviously not an error. How do we prevent these entries from coming out in the audit / tracking file? 
 

 

Answer: 

 

The DRC 010 (x'0A') is considered a violation. This is why it shows in the TSSUTIL report. Since it is a violation, it cannot be removed.

 

The SRC / DRC of *0C*-0A means:

 

0C=PASSWORD EXPIRED 

0A = PASSWORD HAS EXPIRED. NEW PASSWORD MISSING 

 

Despite the fact that this can occur frequently and looks to be normal, it has always been treated as a violation by CA Top Secret because it is considered as a potential one.

 

Additional Information:

 

The TSSUTIL report information can be found in the CA Top Secret Report and Tracking Guide; chapter #1.
 
The different DRC codes can be found with their explanation in the CA Top Secret Message Reference Guide; Chapter #6.
 
All CA Top Secret documentation can be found on our wiki.ca.com site.
 

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component:
Powered by Wolken Software