EIM/SSO on System i with Password *None

80 pts.
Tags:
Client Access
EIM
NetServer
SSO
I have just configured EIM and SSO for Client Access in a proof of concept on my Development System i and initial testing is successful. However part of SSO requires setting the user password to *None. If all users are set to *None how can users use their non SSO mapped drives in Netserver? The mapped drives require that they provide a system i user id and password that also matches the windows password. In my case they would no longer have a System i password. Do I have to configure Netserver for SSO also? Thanks

Software/Hardware used:
Enterprise Identity Mapping, Single Sign-on

Answer Wiki

Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    However part of SSO requires setting the user password to *None. "Requires"? I haven't had a chance to work with EIM/SSO for a couple years (actually, more than "a couple"), but I don't recall that being a requirement. I viewed it as a nice benefit. Has it actually become a requirement? Or is it just listed as one of the steps to take? Have you tried not setting one to *NONE? If all users are set to *None how can users use their non SSO mapped drives in Netserver? The mapped drives require that they provide a system i user id and password that also matches the windows password. In my case they would no longer have a System i password. Do I have to configure Netserver for SSO also? You don't have to, but why wouldn't you? Alternatively, though, you could create secondary profiles that (1) have passwords but also (2) have INLPGM(*NONE) INLMNU(*SIGNOFF). It might be done by a fairly simple program. The passwords would only be useful for secondary network connections. After a phasing- in period, you could kerberize NetServer and drop the secondary profiles. SSO access can co-exist fine with legacy access. BTW, congratulations for making a successful implementation even if only on a test system. Tom
    125,585 pointsBadges:
    report
  • Rayj1031
    I have set up SSO on several systems. A password of *NONE is not required. That is the beauty of SSO. SSO can be implemented one user at a time after the initial configuration is complete. Note - A user with *NONE as a password will never be able to sign on to a twinax terminal. I have set up users with two 5250 emulation sessions on their desk top. One of the sessions uses SSO and the other session to the same systems requires a user profile and password to signon to the AS/400. It works very well. I have successfully enabled SSO for mapped network drives as well as 5250 emulation.
    335 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following