Preventing The TSS LIST(ACIDS) DATA(ALL) Command

search cancel

Preventing The TSS LIST(ACIDS) DATA(ALL) Command

book

Article ID: 50192

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC 24X7 High-Availability Manager for DB2 for z/OS Batch Processor Compile QQF Data Compressor for DB2 for z/OS CA Unicenter NSM RC/Update for DB2 for z/OS DB2 TOOLS- DATABASE MISC Top Secret Top Secret - LDAP

Issue/Introduction

Is there a way to limit/prevent issuing a TSS LIST(ACIDS) DATA(ALL) via CA LDAP?

Environment

Release:
Component: TSSLDP

Resolution

Per the CA LDAP Product Guide:

     disable_list_acids

When an LDAP search operation is received and a TSS LIST(ACIDS) command would be required to fulfill it, this option will disable the execution of that search. The option is intended to ensure that run away searches aren't issued to CA Top Secret.

Default: off (do not stop TSS LIST(ACIDS))

To enable the option, add the following:

     disable_list_acids

Feedback

thumb_up Yes

thumb_down No