Q

Synching passwords between an iSeries and Windows network

Learn whether it is possible to synch passwords between an iSeries and a Windows network, and, if there a way to synch password between multiple iSeries, in this Ask the Expert Q&A.

Is it possible to synch passwords between an iSeries and a Windows network? And, is there a way to synch password between multiple iSeries'?
While Windows users can use commonly available terminal emulators to access their iSeries from their desktops, this doesn't truly synch the passwords between the two systems. Emulators are simply a pass through for the iSeries user ID and password from the Windows front end to the iSeries in the back.

The best approach would be to use single-sign on (SSO). SSO accomplishes both tasks at once – synchs your Windows passwords to your iSeries back-end and synchs the iSeries passwords for multiple systems to each other.

Fortunately, IBM has upgraded iSeries in recent years to include Kerberos functionality, which can be used for authentication in Windows 2000, 2003 and XP. Kerberos makes it easier to merge the two disparate systems – Windows, a distributed PC-based network system, and iSeries, a mainframe system – into a common authentication set up.

Kerberos requires a Key Distribution Center (KDC) for creating, managing and distributing the keys used in authentication systems, SSO or otherwise. Both domain controllers can host the KDC now that iSeries has KDC functionality with the release of i5/OS V5R3, formerly known as OS/400.

Your Windows clients will need iSeries Access for Windows or iSeries Navigator to hook up to the iSeries to complete the SSO implementation. One fundamental problem with SSO links between Windows and iSeries occurs when combining the registries used by each to store user authentication information. However, iSeries uses Enterprise Identity Mapping (EIM), a new technology developed by IBM starting with the V5R2 release to solve this problem.

Obviously, SSO deployments can be quite complicated and require a thorough understanding of your network architecture, applications and user needs and habits.

This was first published in December 2005

Dig deeper on Password Management and Policy

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close