Start of change

Refreshing server IP addresses

IBM® MFA obtains and caches the IP address of authentication servers, such as a RADIUS server, when the IBM MFA started task starts. If the IP address subsequently changes, IBM MFA is not aware of the change. You can use the DNSREFRESH console command to refresh the IP addresses without having to restart the IBM MFA started task.

About this task

IBM MFA caches the authentication server IP addresses for the following factors, as configured on the authentication factor attributes panels. You can use the DNSREFRESH console command only with these authentication factors:

  • AZFISAM1
  • AZFLDAP1
  • AZFRADP1
  • AZFSFNP1
  • AZFSIDR1

Procedure

Issue a Modify command of the following form: 
F <STC Job Name>,<Component> DNSREFRESH
where <STC Job Name> represents the services started task and <Component> can be one of the following literal values:
  • AZFISAM1 represents the AZFISAM1 authenticator providing support for IBM Security Verify Access.
  • AZFLDAP1 represents the AZFLDAP1 authenticator providing support for LDAP.
  • AZFRADP1 represents the AZFRADP1 authenticator providing support for generic RADIUS.
  • AZFSFNP1 represents the AZFSFNP1 authenticator providing support for SafeNet RADIUS.
  • AZFSIDR1 represents the AZFSIDR1 authenticator providing support for RSA SecurID RADIUS.
For example:
F AZF#IN00,AZFLDAP1 DNSREFRESH
End of change