Previous Topic: TSSPROT ExamplesNext Topic: Certificate Utility

LDS Recovery

LDS Recovery

This section contains the following topics:

About LDS Recovery

About LDS Recovery

The LDS recovery report (LDSRPT), lists all LDS requests stored in the LDS Recovery File. LDS recovery retrieves records containing information pertaining to administrative commands that ADD, REPLACE, and DELETE ACID fields as well as password changes that are eligible for LDS processing. There are no REPORT parameters for this program.

Note: Only a person with SCA or AUDIT privileges is eligible to run the LDSRPT report.

Sample JCL

The following is sample JCL to run the LDSRPT report:

//LDSRPT         EXEC    PGM=CAS4LRPT
//STEPLIB        DD      DSN=CAI.CAILIB,DISP=SHR
//LDSRCVR        DD      DSN=CALDAP.LDSRCVR,DISP-SHR
//SYSPRINT       DD      SYSOUT=*

Sample Report Output

The report title displays the date and time the report was generated. The report summary displays the total number of LDS recovery records on the LDS Recovery File. The following is a sample of the LDSRPT report output:

04.182) TIME 12.33  -  Security LDS Recovery Report         -  PAGE     1
Date    Time    LDAP Node ID    User     LDS Recovery Data

2004121 153451  LDAP.LISLE2     LDSETA2  INS LID(LDSETA2 ) OBJECTCLASS(TSSLID), ADD Name(1534       ), ADD objectclass(AC
2004121 153451  LDAP.LISLE2     LDSETA2      F2LID)
2004121 154026  LDAP.LISLE2     LDSETA2  DEL LID(LDSETA2 ) OBJECTCLASS(TSSLID)
2004121 160905  LDAP.LISLE2     LDSETA1  MOD LID(LDSETA1 ) OBJECTCLASS(TSSLID), REP Name(1608       )
2004121 162455  LDAP.LISLE2     LDSETA3  MOD LID(LDSETA3 ) OBJECTCLASS(TSSLID), REP Name(1624       )
2004121 162936  LDAP.LISLE2     LDSETA2  INS LID(LDSETA2 ) OBJECTCLASS(TSSLID), ADD Name(THIRD      ), ADD objectclass(AC
2004121 162936  LDAP.LISLE2     LDSETA2      F2LID)
DATE 06/30/04 (04.182) TIME 12.33  -  CA Top Secret Security LDS Recovery Report         -  PAGE     2

  -  Total number of LDS records processed is  05

Field Descriptions

Date

The date the LDS recovery record was stored on the LDS Recovery File.

Time

The time the LDS recovery record was stored on the LDS Recovery File.

LDAP Node ID

The LDAP Node Record ID of the LDAP server that the LDS request was originally transmitted.

User

The user's logonid of the LDS request that was updated by the CA Top Secret administrator.

LDS Recovery Data

The type of LDS request, including the list of LDAP attribute names and values to be transmitted to the LDAP server. To protect password based attribute data values from disclosure, password values are displayed as “SUPPRESSED” in this report.