MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » April 2014

Re: Synchronized Passwords across IBM i & Active Directory



fixed

Hi Mike

EIM has not materially changed, so far as I know.

One of the key things is a well-managed DNS in your enterprise - if not, you'll have a mess. Not sure if that was involved in your situation.

I had pretty good luck at RJS setting it up, so that I could enable WebDocs for SSO. I ended up using host table, to be sure it'd all work - didn't want to take time to ensure that DNS was really working right. Not the way to go in a production environment, I know, but you do what you have to.

I suggest contacting Pat Botz - he's the guy who wrote or managed the writing of much of EIM, and can help anyone get it working, and maintained. Or contact IBM Lab Services (I think).

HTH
Vern

On 4/2/2014 3:30 PM, Mike Cunningham wrote:
Last time we tried to use EIM was back on V5R4. That did not end well and we abandoned the process. I think the problem was on the windows admin side. Now we are at V7R1 and have had 100% turnover of the windows admins. Is EIM at V7R1 essentially the same as it was on V5R4?

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of DrFranken
Sent: Wednesday, April 02, 2014 4:22 PM
To: Midrange Systems Technical Discussion
Subject: Re: Synchronized Passwords accross IBM i & Active Directory

This is precisely what EIM and Kerberos are about. Dump your IBM i Passwords completely (except for admins) and just use the one in Windows.

If you truly need everyone to be able to sign on independently to IBM i without using any windows workstations then this is likely not the right solution for you.

- Larry "DrFranken" Bolhuis

www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com

On 4/2/2014 3:37 PM, Buzz Fenner wrote:
All,



Looking to create a new process to facilitate password change on our i
& Windows domain. Until recently, we were on a Model 520 that housed
two IXS cards. On one of those cards was our W2K3 DC. With the help of
User Enrollment on the i, we sync'd up account passwords; a user
account on the i took care of performing password maintenance on the DC.



Fast forward to today with a new server and no more Windows
integration; I have to redo that process. Just wondering how other
folks have addressed the problem!



--

Buzz Fenner

Business Systems Analyst/Systems Administrator

City Water & Light

870.930.3374 | 870.219.5229

bfenner@xxxxxxxxxxxxxxxx



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.







Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact