× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Buzz

EIM and SSO is not new software - it is all on the system already and has been since at least V5R2.

It is all configuration - and that would involve some dollars, due to time, at least.

EIM is nicely described as a mapping from Windows user names to IBM i user names - they don't have to be the same, nor do the passwords need to be the same - once authenticated by Windows AD, IBM i trusts the Active Directory server, so you are let in the door at Joe's Pool Hall and Emporium.

Synchronizing becomes a non-issue.

Hope that makes a little sense, and even more that it is germane to your post!
Vern

On 4/3/2014 4:13 PM, Buzz Fenner wrote:
All,

Sorry, I neglected to be more detailed in my description of the problem.
One, we have a mix of users - some have only windows profiles & some ibm
profiles. Two, and more importantly, adding more software (i.e. more $) is
not a good option right now.

Last night, I started playing around with the idea of writing an attention
key program for the i utilizing either the qibm_qsy_chk_passwrd exit program
or qsychgpw api. That way, it'll get checked for compliance with the sysval
password rules. Otherwise, I'd have to code the rules in RPGLE (easy
enough), possibly using a regex expression (thanks Scott!).

I've used MS Powershell scripts to change user account passwords before;
should be able to fire a script using qsh, or something along those lines
from a cle.

Thanks for the ideas...

--
Buzz





As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.