× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Good points - now for other positive spins!!

Apache web server supports Kerberos, and so does jt400 - just in case you want to start playing in those worlds.

Vern

On 2/19/2014 3:33 PM, Matt Olson wrote:
The other big App IBM i shops run into that don't support Kerberos is RDP (rational developer for power). Still have no idea why they haven't jumped on the bandwagon.



-----Original Message-----
From: Matt Olson [mailto:Matt.Olson@xxxxxxxx]
Sent: Wednesday, February 19, 2014 3:33 PM
To: Midrange Systems Technical Discussion
Subject: RE: EIM Domain and SSO

Matt,

EIM works pretty good, as long as all the applications in your environment support EIM. Some applications don't (like content manager). But for those things that do (5250) it works great.

Be sure to have the following PTF's so you don't have to scratch your head why your windows 2008 (or above) domain controllers that are handing out Kerberos tickets is failing. It wasn't long ago that the IBM i only supported DES Kerberos where as Microsoft moved to AES years ago as the default Kerberos encryption routine, and thus causes problems with Kerberos authentication, causing windows server operators to "dumb down" the encryption to the old DES standard rather then embrace the new, more secure Kerberos encryption standards.

Fix Release Description
--------- --------- ----------------------------
SI42919 V7R1 Adds AES & RC4 encryption support (krb)
SI42957 V6R1 " "
SI43034 V5R4 " "

SI43918 V7R1 Updates KRB5 header file in QSYSINC
SI43919 V6R1 " "
SI43920 V5R4 " "

Matt


-----Original Message-----
From: Matt Lavinder [mailto:mlavinder@xxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, February 19, 2014 3:05 PM
To: midrange-l@xxxxxxxxxxxx
Subject: EIM Domain and SSO

We have been investigating single-sign-on I am looking at following the document here (http://is.gd/6xxMCv) for creating a SSO test environment.
I get a bit nervous about making changes as we do not have a test system. Will the act of creating a new EIM domain have any impact on existing users or objects?
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.