Is there a way to limit/prevent issuing a TSS LIST(ACIDS) DATA(ALL) via CA LDAP?
Per the CA LDAP Product Guide:
When an LDAP search operation is received and a TSS LIST(ACIDS) command would be required to fulfill it, this option will disable the execution of that search. The option is intended to ensure that run away searches aren't issued to CA Top Secret.
Default: off (do not stop TSS LIST(ACIDS))
To enable the option, add the following: