Preventing The TSS LIST(ACIDS) DATA(ALL) Command

book

Article ID: 50192

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC CA-24X7 High-Availability Manager for DB2 for z/OS CA-Batch Processor Compile QQF CA Data Compressor for DB2 for z/OS Data Navigator for DB2 UDB for z/OS CA-DB Delivery for DB2 CA Unicenter NSM CA Log Compress DBA for DB2 Guide Online CA InfoRefiner Advantage InfoRefiner Advantage InfoRefiner Maint Upgrade CA InfoTransport Advantage InfoTransport Maint Upgrade Online Reorg for DB2 for z/OS CA RC/Update for DB2 for z/OS Query Analyzer RI Editor for DB2 for z/OS DB2 TOOLS- DATABASE MISC CA Top Secret CA Top Secret - LDAP

Issue/Introduction

Description:

Is there a way to limit/prevent issuing a TSS LIST(ACIDS) DATA(ALL) via CA LDAP?

Solution:

Per the CA LDAP Product Guide:

     disable_list_acids   

When an LDAP search operation is received and a TSS LIST(ACIDS) command would be required to fulfill it, this option will disable the execution of that search. The option is intended to ensure that run away searches aren't issued to CA Top Secret.

Default: off (do not stop TSS LIST(ACIDS))

To enable the option, add the following:

     disable_list_acids  

Environment

Release:
Component: TSSLDP