On Monday, 06/04/2007 at 04:56 AST, David Boyes <[EMAIL PROTECTED]> wrote: > > The LDAP client in 5.3 might be a future possibility (not clear yet; > haven't been able to try it), but, you'd have to have VM 5.3, which > isn't GA yet.
z/VM 5.3 doesn't do that. As with z/OS there is no off-platform authentication. The LDAP server support enables centralized password management, but it isn't a two-way street. Local password changes are not propagated to the central server. > What I'd really like is a ESM that allowed integration of PAM via a > Linux guest. That way we'd only have to solve this problem once for > LDAP, NIS, NIS+, Kerberos, etc.... The interface for ESMs is fully documented as part of the Access Control Interface. Two components are needed: - A server that connects to *RPI system service - Extensions to CP to manage the *RPI connection, cache security data (for performance), and handle passwords Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
