On Thu, 17 Nov 2016 14:23:42 +0530, venkat kulkarni <[email protected]> wrote:
>Hello, > >Do we have any way to implement LDAP on z/os for authentication purpose. Your question is unclear. If you mean "could we run an LDAP server on z/OS so that applications running elsewhere can authenticate using that z/OS LDAP server," the answer is yes, using RACF as the backend to your z/OS LDAP server. Some application configuration adjustments might be needed, though. On the other hand, if you mean "could we run an LDAP server someplace else such that logins on z/OS (e.g., TSO, CICS) would authenticate using that LDAP server" the answer is no. Authentication on z/OS is generally via RACF. Of course, with a robust set of exits (and possibly some z/OS application modifications) it might be possible for you to offload part of the RACF authentication processing to an off-system LDAP server, but that would be a lot of programming and would probably degrade login performance significantly, especially for applications like CICS. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
