Setting a Local or Centralized Server
You can set Multi-Factor Authentication to work locally, on the IBM i on which you are installing it, or from a different, centralized server.
Running locally
To run locally, open the Multi-System Setting screen (STRMFA > 81 > 95).

                          Multi-System Setting                    iSecurity/MFA

Centralize Persons & MFA in system . .  *LCL        Name, *LCL
  Actual data is placed on the above system. On that system, enter *LCL.
  After any change here, run Set Data Centralization, in 82. Maintenance Menu.

Centralize AOD log/history in system .  *LCL        Name, *LCL
  Log entries are collected on the above system. On that system, enter *LCL.

High Availability Note
  In case the system that centralize the information is unavailable, control
  has to be transferred to its High Availability system. To do this, follow:
  o In all the systems in the network, change the system name in this screen.
    Then re-start the ZAUTH subsystem.
  o Update the .war objects used for the web interface, and restart it.

General Note
  Once you have done changes in this screen, exit properly by pressing Enter
  several times. Then, restart the ZAUTH subsystem.

F3=Exit   F12=Previous

Set the Centralize Persons & MFA in system field to *LCL, then exit the screen and restart the ZAUTH subsystem.
Running from a Centralized Server
To run from a centralized server, open the Work with Network Systems screen (STRAUD > 89 > 71).

System type: AS400        Work with Network Systems             System: RLDEV

Position to . . .
Type options, press Enter.
  1=Select   4=Remove   7=Export dfn.   8=Test DDM   9=Ping

Opt  System   Group
     RLDEMO   *TT      Demo system Audit release 14.16
     RLDEV    *VVVV    Razlee Develop
     RLG      *TT      RL Germany
     RLMED    *TT      RLEMD
     RLPRV    *TT      Razlee Production
     RL74A    *VVVV    Demo system
     RL74B    *TT      Test Yoel
     VERDE    *NONE    verde
                                                                        Bottom
F3=Exit   F6=Add New   F7=Export dfn cmd   F12=Cancel

If the centralized server is shown on the screen, open the Modify Network System screen by entering 1 in the Opt field for that server.

System type: AS400          Modify Network System               System: RLDEV

System . . . . . . . . . .   RLDEMO
Description . . . . . . . .  Demo system Audit release 14.16
Group where included . . .   *TT          *Name, *NONE

Communication Details
IP or remote name . . . . .  1.1.1.98
Type . . . . . . . . . . .   *IP          *SNA, *IP
Entry of *LOCAL on System .  S788C420     Use WRKRDBDIRE to verify
                                          Auto filled for this system.
  Required for Multi-LPAR of AOD, P-R, Replication.

Copy of QAUDJRN on a different system
Where is QAUDJRN analyzed .  *SYSTEM      Name, *SYSTEM
Extension Id on remote . .   DM

Note: After adding a system, run again "Network Authentication".

F3=Exit   F12=Cancel

The screen contains these fields:
System
A unique name for the system
Description
A free text description of the system
Group where included
The name of a group of systems that includes it. The name must begin with an asterisk ("*").
IP or Remote Name
The IP address or remote name of the server
Type
*SNA if the previous field shows a Remote Name; *IP if it shows an IP address.
Entry of *LOCAL on System
What *LOCAL is set to on that system. Use WRKRDBDIRE to verify the value.
Where is QAUDJRN analyzed
Where QAUDJRN is analyzed for that system.
Extension ID on Remote
When QAUDJRN is analysed, the extension added to the string "SMZ4DTA" to name the library containing the analysis. More information can be found at STRAUD > 2 > 41 > 1.
If the Centralized server is not yet shown on the screen, open the Add Network System screen by pressing the F6 key from the Work with Network Systems screen.
Open the Multi-System Setting screen (STRMFA > 81 > 95), shown above.
Set the Centralize Persons & MFA in system field to the system name of the centralized server.
Checking the Server Setting
Open the Maintenance Menu (STRMFA > 82).

ODMINTM                      Maintenance Menu                    iSecurity/AOD
                                                                 System: RLDEV
iSecurity Part 8 Global                  General
 1. Export AOD Definitions               51. Check Data Centralization cfg.
 2. Import AOD Definitions               52. Set Data Centralization cfg.
                                             Based on 81, Multi-System Setting
 5. Display AOD,P-R,MFA Definitions      55. Copy HR Data to Persons File
                                         56. Restore P-R Screen Texts
11. Export P-R and MFA Definitions       57. Enable NetServer User
12. Import P-R and MFA Definitions
                                         Trace Definition Modifications
Authority on Demand Global               71. Add Journal
31. Display AOD Rules History            72. Remove Journal
33. Delete At-End Reports                78. Real-Time Definition Change Alerts
39. AOD Submit Job       AODSBMJOB       79. Display Journal
    Enables F4 of CMD() in Add Authority
    Use RTVAODA to retriev AOD status    Uninstall
                                         98. Uninstall
Selection or command
===>

F3=Exit   F4=Prompt   F9=Retrieve   F12=Cancel
F13=Information Assistant   F16=System main menu

Select 52. Check & Set Data Centralization cfg.
The bottom line of the screen displays "Person/MFA files are properly set".