Phil, I don't know why it wouldn't work. We didn't test VM. Carlos :-)
Saying goes: Great minds think alike - I say: Great minds think for
themselves!
Carlos A. Ordonez
IBM Corporation
Server Consolidation
|---------+--------------------------->
| | "Philip J. |
| | Tully" |
| | <[EMAIL PROTECTED]|
| | net.ml.com> |
| | Sent by: Linux |
| | on 390 Port |
| | <[EMAIL PROTECTED]|
| | RIST.EDU> |
| | |
| | |
| | 03/19/2002 08:51|
| | AM |
| | Please respond |
| | to Linux on 390 |
| | Port |
| | |
|---------+--------------------------->
>-------------------------------------------------------------------------------------------------------------------------------|
|
|
| To: [EMAIL PROTECTED]
|
| cc:
|
| From:
|
| Subject: Re: Authentication on Linux using PAM to a z/OS RACF
server |
|
|
>-------------------------------------------------------------------------------------------------------------------------------|
Carlos,
Can that LDAP/DB2 be vm LDAP and DB2 under VM?
Phil
Carlos Ordonez wrote:
>
> Jim, we have successfully access LDAP / DB2 (OS/390) from Linux for
S/390
> using PAM LDAP for authentication. If you use RACF, as far as I
> understand, you can only have 1 profile for root. This is not good
because
> if you break the one password you have access to all the roots of a
penguin
> farm running under VM. Using LDAP/DB2 (OS/390) gives you the security of
> OS/390 for your depository and takes away the restriction. Carlos :-)
>
> Carlos A. Ordonez
> IBM Corporation
> Server Consolidation
>
> |---------+--------------------------------------->
> | | Jim Elliott |
> | | <[EMAIL PROTECTED]|
> | | et.ibm.com> |
> | | Sent by: Linux on 390 Port |
> | | <[EMAIL PROTECTED]> |
> | | |
> | | |
> | | 03/18/2002 12:27 PM |
> | | Please respond to Linux on |
> | | 390 Port |
> | | |
> |---------+--------------------------------------->
> >
-------------------------------------------------------------------------------------------------------------------------------|
> |
|
> | To: [EMAIL PROTECTED]
|
> | cc:
|
> | From:
|
> | Subject: Authentication on Linux using PAM to a
z/OS RACF server |
> |
|
> >
-------------------------------------------------------------------------------------------------------------------------------|
>
> In theory, you should be able to use PAM to provide Linux authentication
> and resource contol through to the LDAP server that is part of the z/OS
> Security Server (nee RACF). Has anyone done this or does anyone have an
> idea as to where to start?
>
> Regards, Jim Elliott
