By "no additional charge", I meant that DIRMAINT or any product that
would need to do authentication would not have to have a charge for
having an ESM do the authentication.
Jim
Alan Altmark wrote:
On Tuesday, 12/11/2007 at 04:05 EST, Jim Bohnsack <[EMAIL PROTECTED]>
wrote:
B) There "should" be no additional charge. Not having to maintain
separate authorization paradigms in each product just about has be less
expensive for the vendor. Certainly there would be an initial startup
cost, but that should be able to be amortized in a short time and then
it's all gravy :-)
I would expect a free ESM to simply perform the same authorization check
that the individual products/features currently have, but have those
authorizations in a single place. The more granular checks I proposed
would be something a real ESM would handle. Further, there would be no
connection to CP.
You could, of course, write your own ESM to replace the free one, but make
sure that having a "roll your own" security manager is an acceptable
policy in your shop.
There is no way for IBM to give away a high-functioning ESM. That would
undermine the market for ESMs, upsetting both IBM and CA.
Alan Altmark
z/VM Development
IBM Endicott
--
Jim Bohnsack
Cornell University
(607) 255-1760
[EMAIL PROTECTED]
