LDAP logon with passphrase

Document ID : KB000115440
Last Modified Date : 25/09/2018
Show Technical Document Details
Introduction:
need to know how we can provide a passpharse during logon via LDAP onto our TSS
Question:
We are migrating from password to pasphrase soon i need to know how we can provide a passpharse during logon via LDAP onto our TSS. 
Environment:
z/os
Answer:
CA Top Secret Password and Pass Phrase controls determine what the max length is, what characters are supported, etc.. 
CA LDAP just passes whatever is sent and TSS will verify/reject what was given to it by LDAP. 
So, it is dependent on the Top Secret passphrase control options that have been set. 


The following link shows the objectclass for PHRASE. 
You should be able to do exactly the same thing with Passphrases as you 
are doing with Passwords. 


https://docops.ca.com/ca-system-z-security-communication-servers-dsi-ldap-pam/15-1/en/configuring/configuring-ca-ldap-server/configure-the-catss_utf-backend/user-friendly-name-override-file-ca-top-secret-to-ca-ldap-server/objectclass-tssacid-tssprofile-tssdept-tssdiv-tsszone-tssgroup