Yes... well pretty much impossible. Would it be possible to fix up how z/OS security calls worked to always use OpenLDAP... probably... but it would be slow and cost a $$$$$$$$$$$$$$$$ to do.
But only for classic z/OS security. LDAP could be used for WebSphere on z/OS and it is possible to use LDAP to provide some security if you code for it in CICS, JAVA apps and others that code to interrogate directory services. But any of the SAF or R_* that are provided by the security products RACF, Top Secret & ACF2 cannot be replaced by OpenLDAP. Unless OpenLDAP provides a security router for z/OS and all of the R_ services for zUnix... which I can find no reference to on the OpenLDAP site. It appears that the folks at RocketSoftware based their LDAP connector on OpenLDAP. Rob Schramm Senior Systems Consultant Imperium Group On Tue, Oct 23, 2012 at 7:39 AM, Dave McHenry <[email protected]> wrote: > A manager of ours read a link that claims OPENLDAP could be used to replace > our current mainframe security. Everyone I've asked about this laughs and > says impossible. Is it impossible? > > Dave McHenry > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
