It's Microsoft based. Active Directory? I'm not familiar with it at all. BTW, it only does password authentication. You still control who gets access to what.
_________________________________________________________________ Dave Jousma Assistant Vice President, Mainframe Services [email protected] 1830 East Paris, Grand Rapids, MI 49546 MD RSCB1G p 616.653.8429 f 616.653.8497 -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Corjan Nota Sent: Tuesday, April 07, 2009 3:46 AM To: [email protected] Subject: Re: HMC and LDAP Hi Dave, Thanks for your reaction! For us it's more a compliance question. I wonder if implementing LDAP really make things better on the HMC, but there are some interesting points like security awareness and external security done by the correct department, etc. Maybe it's also a good point for HMC best practises (the discussion of some months ago)? We shall contact our ldap folks for this project and see how it works. Last question: where is your LDAP Server located? Corjan Nota -----Original message----- Van: IBM Mainframe Discussion List [mailto:[email protected]] Namens Jousma, David Verzonden: maandag 6 april 2009 14:11 Aan: [email protected] Onderwerp: Re: HMC and LDAP I set this up on our HMC's last year. Works nicely. Make sure you are current on HMC maintenance however, there was a bug if you have userids that start with a "#" sign. The problem has been fixed. We implemented this because it became a audit finding for not handling these passwords according to our security standards(format, changes, etc). The problem with setup is that the documentation is not clear on how to set it up. We select: Locate by using the following name pattern uid={0},ou=accounts,ou=b2e,dc=yourinfo,dc=yourinfo you will have to work with your ldap folks, and come up with the proper ou= and dc= values. Dave _________________________________________________________________ Dave Jousma Assistant Vice President, Mainframe Services [email protected] 1830 East Paris, Grand Rapids, MI 49546 MD RSCB1G p 616.653.8429 f 616.653.8497 ----------------------------------------------------------------- ATTENTION: The information in this electronic mail message is private and confidential, and only intended for the addressee. Should you receive this message by mistake, you are hereby notified that any disclosure, reproduction, distribution or use of this message is strictly prohibited. Please inform the sender by reply transmission and delete the message without copying or opening it. Messages and attachments are scanned for all viruses known. If this message contains password-protected attachments, the files have NOT been scanned for viruses by the ING mail domain. Always scan attachments before opening them. ----------------------------------------------------------------- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
