Hi Dave, Thanks for your reaction! For us it's more a compliance question. I wonder if implementing LDAP really make things better on the HMC, but there are some interesting points like security awareness and external security done by the correct department, etc. Maybe it's also a good point for HMC best practises (the discussion of some months ago)?
We shall contact our ldap folks for this project and see how it works. Last question: where is your LDAP Server located? Corjan Nota -----Original message----- Van: IBM Mainframe Discussion List [mailto:[email protected]] Namens Jousma, David Verzonden: maandag 6 april 2009 14:11 Aan: [email protected] Onderwerp: Re: HMC and LDAP I set this up on our HMC's last year. Works nicely. Make sure you are current on HMC maintenance however, there was a bug if you have userids that start with a "#" sign. The problem has been fixed. We implemented this because it became a audit finding for not handling these passwords according to our security standards(format, changes, etc). The problem with setup is that the documentation is not clear on how to set it up. We select: Locate by using the following name pattern uid={0},ou=accounts,ou=b2e,dc=yourinfo,dc=yourinfo you will have to work with your ldap folks, and come up with the proper ou= and dc= values. Dave _________________________________________________________________ Dave Jousma Assistant Vice President, Mainframe Services [email protected] 1830 East Paris, Grand Rapids, MI 49546 MD RSCB1G p 616.653.8429 f 616.653.8497 ----------------------------------------------------------------- ATTENTION: The information in this electronic mail message is private and confidential, and only intended for the addressee. Should you receive this message by mistake, you are hereby notified that any disclosure, reproduction, distribution or use of this message is strictly prohibited. Please inform the sender by reply transmission and delete the message without copying or opening it. Messages and attachments are scanned for all viruses known. If this message contains password-protected attachments, the files have NOT been scanned for viruses by the ING mail domain. Always scan attachments before opening them. ----------------------------------------------------------------- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
