Support User Manuals

IBM 2 Computer Hardware User Manual

Open as PDF

of 508

Access_Control_Initialization CCA Release 2.54

verb_data_1_length

The verb_data_1_length parameter is a pointer to an integer variable containing

the number of bytes of data in the verb_data_1 variable.

verb_data_1

The verb_data_1 parameter is a pointer to a string variable containing data

used by the verb.

This field is used differently depending on the function being performed.

Keyword Meaning

Function to perform (one required)

INIT-AC Initializes roles and user profiles.

CHGEXPDT Changes the expiration date in a user profile.

CHG-AD Changes authentication data in a user profile or changes a

user's passphrase.

Note: The PROTECTD keyword must also be used

whenever you use CHG-AD. You must authenticate yourself

before you are allowed to change authentication data, and the

use of protected mode verifies that you have been

authenticated.

RESET-FC Resets the count of consecutive failed logon attempts for a

user. Clearing the failure count permits a user to log on

again, after being locked out due to too many failed

consecutive attempts.

Options (one or two, optional)

PROTECTD Specifies to operate in protected mode. Data sent to the

Coprocessor is protected by encrypting the data with the

user's session key, K

S

.

If the user has not successfully logged on, there is no session

key in effect, and the PROTECTD keyword will result in an

abnormal termination.

REPLACE Specifies that a new profile can replace an existing profile with

the same name. This keyword applies only when the rule

array contains the INIT-AC keyword.

Without the REPLACE keyword, any attempt to load a profile

which already exists will be rejected. This protects against

accidentally overlaying a user's profile with one for a different

user who has chosen the same profile ID as one that is

already on the Coprocessor.

Rule-Array

Keyword

Contents of verb_data_1 field

INIT-AC The field contains a list of zero or more user profiles to be

loaded into the Coprocessor. See “Profile Structure” on

page B-32.

CHGEXPDT,

CHG-AD, or

RESET-FC

The field contains the eight-character profile ID for the user

profile that is to be modified.

2-22 IBM 4758 CCA Basic Services, Release 2.54, February 2005

previous next