Question:
Why, in the TSSUTIL report, is the SRC / DRC of *0C*-0A treated as a violation?
This is obviously not an error. How do we prevent these entries from coming out in the audit / tracking file?
Answer:
The DRC 010 (x'0A') is considered a violation. This is why it shows in the TSSUTIL report. Since it is a violation, it cannot be removed.
The SRC / DRC of *0C*-0A means:
0C=PASSWORD EXPIRED
0A = PASSWORD HAS EXPIRED. NEW PASSWORD MISSING
Despite the fact that this can occur frequently and looks to be normal, it has always been treated as a violation by CA Top Secret because it is considered as a potential one.
Additional Information:
The TSSUTIL report information can be found in the CA Top Secret Report and Tracking Guide; chapter #1.
The different DRC codes can be found with their explanation in the CA Top Secret Message Reference Guide; Chapter #6.
All CA Top Secret documentation can be found on our wiki.ca.com site.