Have some questions on this:
A) If windows AD owns the KDC, shouldn't it own the EIM/SSO as well.
B) I want to get to the point of using all of this, but unfortunately I am
in a situation where the 'I' would not be the server owner per-se.
C) I want to run a 5250 session using KEREBEROS, but I want the ISERIES
profiles/passwords to be coming from the AD side, can't this come from the
AD side so long as I just add the ISERIES to the AD realm??
In what I want to do I want my environment to be more of the slave to these
and not the host/owner of it.
Should I be leveraging LDAP to some extent as well with all of this.