Home
Customizing the ADFzCC server
Multi-Factor Authentication (MFA)
When clients initially connect to the ADFzCC server they are prompted for a user ID and a password or passphrase. If the credentials are valid, the client can start sessions on the relevant z/OS system as the nominated user.

Customizing the ADFzCC server
- Required authorizations
- Multi-Factor Authentication (MFA)
  When clients initially connect to the ADFzCC server they are prompted for a user ID and a password or passphrase. If the credentials are valid, the client can start sessions on the relevant z/OS system as the nominated user.
- Using PassTickets
  The ADFzCC server can be configured to use PassTickets for authenticated clients.
- Setting SSL encrypted communications
- Using AT-TLS for encrypted communications
- Update sample IPVCONFG
- Create matching WORKDIR by running job IPVMKDIR
  The IPVMKDIR job creates a work directory to be used with the server. It is supplied in the sample library hlq.SIPVSAM1.
- Check address space timeout
- Add ports to TCPIP reservation list
- Configuration considerations for IBM® Explorer for z/OS® (z/OS® Explorer)
- Configuring TCP/IP stack affinity

Multi-Factor Authentication (MFA)

When clients initially connect to the ADFzCC server they are prompted for a user ID and a password or passphrase. If the credentials are valid, the client can start sessions on the relevant z/OS system as the nominated user.

Rather than prompting for the user ID and password each time a new session is required, the plug-in client reuses the initial user ID and password. This can pose a problem for Multi-Factor Authentication users as their password or passphrase is typically single-use only. Consequently, reusing a credential will likely fail.

To support Multi-Factor Authentication users, the ADFzCC server provides support for PassTickets. For more information about PassTickets, refer to the documentation for RACF or your equivalent security product.