Hi Andrew,
Thanks for pointing out my spelling mistake... it all works now.
I'm writing a blog on using the RACF callable services. I think it wood be good to use the comx/comy structures when calling a service, but I cannot see how to pass it, for example irrsfa64(comy). Is this possible? Ive tried lots of things but it passes the address of comy , instead of comy. Is it possible to use this.
I am having to use
IRRSFA64( workarea, // WORKAREA
pALET1 , // ALET
pSAF_RC, // SAF RC
instead.
Colin
------------------------------
Colin Paice
------------------------------
Original Message:
Sent: Thu January 25, 2024 01:43 AM
From: Andrew Mattingly
Subject: How to display MFA data from RACF database
Hi Colin,
I think your problem is a spelling mistake - the entry point is IRRSFA64, not IFFSAF64 (i.e. SFA, not SAF), and the IRRSFA64 stub is present in SYS1.CSSLIB, going back to z/OS 2.4 (and probably 2.3, but I've moved on :))
I can provide some sample code (in C), which calls IRRSFA64, if that would be helpful.
Kind regards
Andrew.
------------------------------
Andrew Mattingly
Original Message:
Sent: Wed January 24, 2024 01:50 PM
From: Colin Paice
Subject: How to display MFA data from RACF database
The documentation says I need to bind with IRRSAF64 stub, but I cannot find this stub in sys1.csslib ( where the other stubs are available). Is it available anywhere?
------------------------------
Colin Paice
Original Message:
Sent: Mon January 22, 2024 04:22 AM
From: Andrew Mattingly
Subject: How to display MFA data from RACF database
Hi Colin
The only method I'm aware of to access all MFA-related information in the RACF database is to use the (64-bit only) RACF callable service, IRRSFA64 (see: https://www.ibm.com/docs/en/zos/3.1.0?topic=descriptions-r-factor-irrsfa64-authentication-factor-service).
------------------------------
Andrew Mattingly
Original Message:
Sent: Fri January 19, 2024 09:40 AM
From: Colin Paice
Subject: How to display MFA data from RACF database
MFA stores information in the RACF database under CLASS(MFADEF) FACTOR.AZFSTC . I can see if if I browse the RACF database.
How do I display it?
tso rlist MFADEF FACTOR.AZFSTC MFA MFPOLICY
does not display it
ISPF panel ICHP28 and option for MFPPOLICY (but no MFA!) does not display it
In the RACF database it looks like (in hex)
c MFA MFADEF -FACTOR.AZFSTC Ø Ò{"stcInitialTraceLevel":0,"cache
0000800000001DCC44444010DCCCCC446CCCEDD4CECEEC0800EC7AA8C98A889E9888D8A8977F6788888
000030030002C46100000060461456000613369B1962332001D0F23395939133913535553FA0BF31385
It is not dumped with PGM=IRRDBU00
Does anyone have any comments on how I can display this?
Colin
------------------------------
Colin Paice
------------------------------