Stopping MFA Once Activated
Administrators can configure settings to stop Multi Factor Authentication (MFA) after it has been activated. This functionality applies to both general MFA settings per service and individual settings for specific persons or services.
To stop Multi Factor Authentication (MFA) through general parameters per service, select 52. MFA Multi-Factor Authentication from the System Configuration screen (STRMFA > 81. System Configuration). The Multi-Factor-Authentication screen appears. If N=No is set for a service, MFA will not be applied to that service, even if MFA has been activated.
| Multi-Factor-Authentication iSecurity/MFA The following entries are considered locally even in a multi-system setting Skip MFA if error in person definition N Y=Yes, N=No Skip MFA for same User/IP if within . 5 1-1440 minutes Maximum wait time for entry . . . . . 3 3-15 minutes For MFA & AOD Maximum TOTP attempts . . . . . . . . 3 1-9 Maximum number of Emergency tokens . . 5 0-10 Time-based One-time Password (TOTP) can be replaces by Emergency tokens One Time Password (OTP) length . . . . 6 4, 6, 8 or 10 characters Default for allow OTP instead of TOTP. N Y=Yes, N=No Protect TCP services FTPSRV/REXEC. Y File Server . . Y Y=Yes, N=No Used in TCP Enablement FTP Client. . N Remote Pgm/Cmd. N and in MFA check TCP Signon. . N DDM/DRDA . . . N ODBC . . . . N FileServer max time to consider safe . 3 1-1440 minutes Web server URL E.g http://1.1.1.10:8080/pr , pr is the web application name http://1.1.1.129:8081/mfa1 No MFA: User or Device DSP01 Adjustments for MFA usages, including filters, can be set by user program SMZODTA/MFADJUST. See explanations and example in SMZO/ODSOURCE MFADJUST F3=Exit F12=Previous |
To stop Multi Factor Authentication (MFA) through MFA Settings for Persons or service, select 3. MFA Setting for Persons from the main Multi-Factor Authentication (MFA) menu (STRMFA). The MFA Setting for Persons screen appears. To disable MFA for specific persons or services, enter 6 in the Opt field for that person or service.
| MFA Setting for Persons Type options, press Enter. Position: 1=Select 3=Copy 4=Delete 5=Use MFA 6=No MFA 7=Users 8=IP-Group Using MFA Sign- FTPSRV/ FTP TCP ODBC File Remote DDM On REXEC Clnt Signon Server PgmCmd DRDA Opt Person IP-Group InOut InOut InOut InOut InOut InOut InOut InOut 6 ALEXM M M M M M M M M A123 B12 M M DB TEST M M GS 6 JAVA JAVIER M M M M M M M M M M M M M M M M KOBI M M MARY SETS M M OD More... InOut . : Inside/Outside IP-Group Encoding: blank=No MFA, M=Use MFA, R=Reject F3=Exit F6=Add new F12=Cancel |