Venkat, the base z/OS operating system includes a terrific Lightweight
Directory Access Protocol (LDAP) server at no additional charge. It
supports industry standard LDAP v3 protocols. You can configure it in a
variety of ways, but if you want a simple, straightforward implementation
that allows TSO, CICS Transaction Server, DB2 for z/OS, and lots of other
applications and middleware to share the same IDs and passwords then (in
basic outline):

(a) Configure the z/OS LDAP Server so that it's able to access RACF;

(b) Ideally, preferably, configure RACF (and TSO, etc.) to use passphrases
(and with newer AES encryption of the database);

(c) Point everything you'd like to integrate to the z/OS LDAP Server,
including applications and middleware running on other platforms, and
manage your IDs, permissions, and other LDAP fields there. (TLS encrypted
connections are recommended and supported.)

This approach is quite appealing in many ways. For more information on the
z/OS LDAP Server, please visit:

https://www.ibm.com/support/knowledgecenter/SSLTBW_2.2.0/com.ibm.zos.v2r2.tds/tds.htm

Here is the direct link to information on the technical capabilities of the
z/OS 2.2 LDAP Server:

https://www.ibm.com/support/knowledgecenter/SSLTBW_2.2.0/com.ibm.zos.v2r2.glpa200/tivlcap.htm#tivlcap

--------------------------------------------------------------------------------------------------------
Timothy Sipples
IT Architect Executive, Industry Solutions, IBM z Systems, AP/GCG/MEA
E-Mail: [email protected]

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
