Jim, we have successfully access LDAP / DB2 (OS/390) from Linux for S/390
using PAM LDAP for authentication. If you use RACF, as far as I
understand, you can only have 1 profile for root. This is not good because
if you break the one password you have access to all the roots of a penguin
farm running under VM. Using LDAP/DB2 (OS/390) gives you the security of
OS/390 for your depository and takes away the restriction. Carlos :-)
Carlos A. Ordonez
IBM Corporation
Server Consolidation
|---------+--------------------------------------->
| | Jim Elliott |
| | <[EMAIL PROTECTED]|
| | et.ibm.com> |
| | Sent by: Linux on 390 Port |
| | <[EMAIL PROTECTED]> |
| | |
| | |
| | 03/18/2002 12:27 PM |
| | Please respond to Linux on |
| | 390 Port |
| | |
|---------+--------------------------------------->
>-------------------------------------------------------------------------------------------------------------------------------|
|
|
| To: [EMAIL PROTECTED]
|
| cc:
|
| From:
|
| Subject: Authentication on Linux using PAM to a z/OS RACF
server |
|
|
>-------------------------------------------------------------------------------------------------------------------------------|
In theory, you should be able to use PAM to provide Linux authentication
and resource contol through to the LDAP server that is part of the z/OS
Security Server (nee RACF). Has anyone done this or does anyone have an
idea as to where to start?
Regards, Jim Elliott
