1.  Home
  2. MIDRANGE-L
  3. May 2025

Re: What is: 5770NAE *BASE 5050 Network Authentication Enablement

You take this link:
https://www.ibm.com/docs/en/i/7.5.0?topic=scenarios-scenario-configuring-network-authentication-service

and you see 5770-NAE.

Change 1 character in the link and get
https://www.ibm.com/docs/en/i/7.6.0?topic=scenarios-scenario-configuring-network-authentication-service
and you no longer see 5770-NAE.

Oh well, we tried kerberos and ended up abandoning that project.

On Tue, May 27, 2025 at 2:52 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rob,

AFAIK, only "required" if you want to use Single-Sign-On and EIM. :-)

Mark

On Tuesday, May 27, 2025 at 02:48:56 PM EDT, Rob Berendt <
robertowenberendt@xxxxxxxxx> wrote:

Thank you.
You'd think it would be mentioned as something required somewhere in here

https://www.ibm.com/docs/en/i/7.6.0?topic=security-network-authentication-service

On Tue, May 27, 2025 at 2:14 PM Mark Waterbury <
mark.s.waterbury@xxxxxxxxxxxxx> wrote:

Rob,
Google says:
IBM 5770-NAE, or Network Authentication Enablement, is an IBM i licensed
program that enables Kerberos authentication on IBM i systems. Kerberos
is
a network authentication protocol that provides a secure and reliable way
to authenticate users and services across a network. With 5770-NAE, IBM
i
can participate in a Kerberos realm, allowing users to authenticate with
their Kerberos credentials to access IBM i systems and applications.
- What is Kerberos?Kerberos is a network authentication protocol that
uses cryptography to authenticate users and services. It relies on a
trusted third party, the Key Distribution Center (KDC), to manage and
distribute keys.
- IBM i Network Authentication Enablement (5770-NAE):This licensed
program allows IBM i to function as a Kerberos client, enabling it to
participate in a Kerberos realm. It provides the necessary components for
IBM i to use Kerberos for authentication.
- Why use Kerberos with IBM i?Kerberos provides a secure and
centralized way to authenticate users and services, which is beneficial
for
organizations that rely on IBM i for their business operations. It can be
used for single sign-on (SSO), allowing users to authenticate once and
access multiple resources without re-authenticating.
- How to configure Kerberos with IBM i:The configuration process
involves planning, installing 5770-NAE, and configuring the IBM i system
to
connect to a Kerberos server (KDC). This includes defining the Kerberos
realm, configuring the KDC, and setting up keytab entries for IBM i
service
principals.
- Key benefits of using Kerberos with IBM i:
- Improved security: Kerberos provides a robust authentication
mechanism that is resistant to various attacks.
- Centralized authentication: Users authenticate once with their
Kerberos credentials and can access multiple IBM i systems and
applications.
- Single sign-on (SSO): Users can access various resources without
repeatedly entering their credentials.
- Compliance: Kerberos


I believe this is something IBM cloned from AIX and installs in PASE.
Mark
On Tuesday, May 27, 2025 at 01:59:41 PM EDT, Rob Berendt <
robertowenberendt@xxxxxxxxx> wrote:

What is: 5770NAE *BASE 5050 Network Authentication Enablement
My system says it is for V7R4 and I haven't ran that in years.
I realize that some products are skip ship and aren't always renewed with
each release but I cannot find any mention of this product.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.