MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » March 2014

client access double sign on



fixed

Bypass signon is indeed what you are looking for.

However, the i has to be configured to allow it.

WRKSYSVAL QRMTSIGN


We long got over the paranoia that your Windows password should be
different than your IBM i password. In fact, we enforce sameness. You
change your password in Windows and Tivoli Identity Manager propagates
that to IBM i.

In iNav's Connection properties your choices are:
- Use Windows user name and password, no prompting. (which is what I use)
- Use default user id, prompt as needed
- Prompt every time
- Use Kerberos principal name, no prompting.

In the emulator I use the 'bypass signon' option.

In my case the combination of "Use Windows user name and password, no
prompting" and "bypass signon" seems to do the trick.

Are all 5 sessions to the same lpar? If so then I don't understand your
situation. If they are different lpar's then I can understand you getting
the grey box to connect to that system for each lpar (since your passwords
are different).

What is the value of QRMTSIGN for each lpar you connect to? Mine is set
to *VERIFY.
http://www-01.ibm.com/support/docview.wss?uid=nas8N1018103


I am running os/400 v7r1. I have qrmtsign set to *verify. I will turn on bypass signon and see what happens.
I do not have any LPARs, just a single 8202 E4D (is that a 720?)

I agree that with windows 7, passwords can be set the same as IBM. But I am not ready to make that switch yet. If I had Tivoli Identity manager that makes it automatic, I would do it.
---Dale






Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact