IBM 2 Computer Hardware User Manual


 
Access_Control_Initialization CCA Release 2.54
verb_data_1_length
The verb_data_1_length parameter is a pointer to an integer variable containing
the number of bytes of data in the verb_data_1 variable.
verb_data_1
The verb_data_1 parameter is a pointer to a string variable containing data
used by the verb.
This field is used differently depending on the function being performed.
Keyword Meaning
Function to perform (one required)
INIT-AC Initializes roles and user profiles.
CHGEXPDT Changes the expiration date in a user profile.
CHG-AD Changes authentication data in a user profile or changes a
user's passphrase.
Note: The PROTECTD keyword must also be used
whenever you use CHG-AD. You must authenticate yourself
before you are allowed to change authentication data, and the
use of protected mode verifies that you have been
authenticated.
RESET-FC Resets the count of consecutive failed logon attempts for a
user. Clearing the failure count permits a user to log on
again, after being locked out due to too many failed
consecutive attempts.
Options (one or two, optional)
PROTECTD Specifies to operate in protected mode. Data sent to the
Coprocessor is protected by encrypting the data with the
user's session key, K
S
.
If the user has not successfully logged on, there is no session
key in effect, and the PROTECTD keyword will result in an
abnormal termination.
REPLACE Specifies that a new profile can replace an existing profile with
the same name. This keyword applies only when the rule
array contains the INIT-AC keyword.
Without the REPLACE keyword, any attempt to load a profile
which already exists will be rejected. This protects against
accidentally overlaying a user's profile with one for a different
user who has chosen the same profile ID as one that is
already on the Coprocessor.
Rule-Array
Keyword
Contents of verb_data_1 field
INIT-AC The field contains a list of zero or more user profiles to be
loaded into the Coprocessor. See “Profile Structure” on
page B-32.
CHGEXPDT,
CHG-AD, or
RESET-FC
The field contains the eight-character profile ID for the user
profile that is to be modified.
2-22 IBM 4758 CCA Basic Services, Release 2.54, February 2005