Adding or Modifying MFA Settings for Persons
To add MFA settings for a person, press the F6 key on the MFA Setting for Persons screen (STRMFA > 3), The Add MFA Setting for Person screen appears.
| Add MFA Setting for Person Person . . . . . . . . IP-Group . . . . . . . Type choices, press Enter. Inside Outside Server IP-Group IP-Group Sign On (Interactive) M M FTP Server REXEC FTP Client ODBC File Server Remote Pgm/Cmd DDM/DRDA Encoding: blank=No MFA, M=Use MFA, R=Reject F3=Exit F4=Prompt F12=Cancel |
To modify MFA settings for a person, enter 1 in the Opt field for that person on the MFA Setting for Persons screen (STRMFA > 3). The Modify MFA Setting for Person screen, which has the same fields as the Add MFA Setting for Person screen, appears.
| Modify MFA Setting for Person Person . . . . . . . . AV F7=Display users of Person IP-Group . . . . . . . F8=Display IP-Group info Type choices, press Enter. Inside Outside Server IP-Group IP-Group Sign On (Interactive) M M FTP Server/REXEC FTP Client TCP Signon ODBC File Server Remote Pgm/Cmd DDM/DRDA Encoding: blank=No MFA, M=Use MFA, R=Reject When IP-Group is not specified, all IPs are considered "Inside". F3=Exit F12=Cancel |
The Person field contains the name of the person.
If the person is a member of an IP-Group, the group's name appears in the IP-Group field. You can assign the person to an IP-Group in the Modify Persons screen, as shown in Modifying a Person.
The body of the screen contains lines for each of the services that the Person might attempt to access. For each, fields indicate whether authentication is needed if the Person accesses the service from Inside or Outside their IP-Group. If no IP-Group is displayed for the Person, all accesses are considered to be Inside.
Possible values are:
-
M: Require authentication.
-
R: Reject the access.
-
blank: Allow access without authentication.