Setup Multifactor Authentication on client side

Document ID : KB000108897
Last Modified Date : 31/07/2018
Show Technical Document Details
Introduction:
Setting up Vantage with MFA (multifactor authentication) on the client side

The two-factor RSA authentication feature is set up during the creation of each new host. The back end of the MFA will need to be setup by your security team. Either with RACF, Top Secret or ACF2. Then you designate that on the client side with the new host setup. 

This is from the help option in the Host creation window. 

1. For z/OS hosts you can also provide a user name and password. Generally, the user name and password are optional. However, if the host will be used in scheduled operations this information is required. If you leave the user name, password, or both fields empty, you will have to provide them each time you connect to the host. To provide the user name and password do following: 
1. Enter your user name (up to 8 characters) 
2. Select the password type in the Password Type drop-down list: 
The host definition supports the following types of passwords: 
* Password - a combination of up to 8 characters. 
* Passphrase - a passphrase of up to 100 characters. 
* Token+PIN - a two-factor RSA authentication token and PIN of up to 8 characters each. 
1. Enter the password string. 
2. Repeat the password string in the "Repeat to confirm" field. 
 
Background:

 
Instructions:
In Host Definition - select Password type: and select PASSPHRASE (instead of PIN TOKEN) 

Type passphrase: into field of Password string enter PIN and TOKEN like follows. Combine PIN + TOKEN without plus sign and space and enter to field password string. 
Save and try to log in.

f this circumvention fails, there is most likely a problem with configuration. 
Please let me know the details about your environment and try the circumvention 

Many clients do not think to use this method if they are trying to use the PIN+TOKEN, but it will work. 
If not, please contact CA Customer Support for help.