|
You wouldn't use Kerberos to synchronize passwords. For the iSeries your Kerberos server is used as an alternate authentication service. So when a user authenticates to the iSeries with a Kerberos ticket the users OS400 password is never checked. In fact, you can eliminate the users password altogether (*NONE). Kurt > -----Original Message----- > From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l- > bounces@xxxxxxxxxxxx] On Behalf Of David Charmatz > Sent: Wednesday, March 01, 2006 9:03 AM > To: midrange-l@xxxxxxxxxxxx > Subject: password synch > > I read some archive posts and didn't really see any reponses to this.... > > We currently have an LPARed V5R3 system. The problem is the overhead > keeping users and their password synched up. Which leads me into the > following question: > We are setting up a HATS application to use a web browser for users to > access the 400. We have set up a single partition to act as the host and > are using a pass through (menu option) to the other partitions. The > problem > here is that the user has to enter their password on the intial login to > the > the host server, and then again to the production server. In a perfect > environment, users passwords would be synched up from the initial setup, > however, this isn't a per4fect environment. Is there anyway to keep base > 400 user profiles syched up between partitions without manual > intervention? > My initial thought on this would be to use a single login environment > using > kerberos to synch up the passwords. Has anyone attempted this? > > On a similar note, we have shared drives setup on our 400 which end users > use to upload files. The problem here is that in order to access these > shared drives, client access requires (at least on our system) the Windows > user name and password to be identical to the AS400 user name and passowrd > which also creates a lot of overhead each times a user is required to > switch > either their AS400 or Windows password. Assuming I don't setup a single > login enviroment, is there anyway around this? > > Thanks, > > David Charmatz > -- > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing > list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
