Unless I'm misunderstanding - the z/VM directory password doesn't need to be in sync with RACF -- once RACF is installed, the directory passwords are irrelevant (except the pw for the RACFVM itself.. which is needed if RACF is down so you can login to the RACFVM guest and do recovery). Keeping the passwords in a readable format is not secure, so you really don't want the actual passwords in the directory.
Scott Rohling On Sat, Oct 9, 2010 at 8:26 PM, Leland Lucius <[email protected]> wrote: > Ivan Warren wrote: > >> On 10/9/2010 8:50 PM, Leland Lucius wrote: >> >>> Better yet, can the z/VM LDAP server be used to allow >>> user/group/password management between RACF on z/VM and TIM/TDI? >>> >>> Thanks, >>> >>> Leland >>> >> >> TDI is pretty flexible.. >> >> It shouldn't be overly hard to do a DIRMAINT adapter.. >> >> Not knowing TIM/TDI at all, I've done a bit of reading and it does look > like doing password synch with zVM/RACF/LDAP would be possible, but as you > pointed out, that leaves DIRMAINT out of the picture so the directory > wouldn't be in sync with RACF. > > Looks like a TDI Connector that talked SMAPI would doo the trick though... > > Leland >
