Hi Alan, Thank You - the references to ITDS were a bit confusing. You've cleared that up totally (as you always do!). :)
-Mike > I see reference to IBM Tivoli Directory Server, but it's unclear if > this runs > on the Linux instances or the z/Series RACF hosts. IBM Tivoli Directory Server (ITDS) is LDAP. Linux LDAP PAM can communicate with any LDAP server for authentication when you logon to a Linux user (e.g. root). If that LDAP server is running on z/OS or z/VM, then it can use RACF to authenticate the *Linux* user. I.e. you could translate Linux user root to z/VM user MAINT if you wanted to, or you could just enroll ROOT in RACF. The LDAP server that runs on z/OS has the ITDS brand. The LDAP server on z/VM is a cleverly disguised z/OS ITDS server, but it does not have the ITDS brand.
