Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

LDAP Authentication 1

Status
Not open for further replies.
tas1

tas1

MIS
Aug 1, 2003
23
GB
Ellipse 5.2.3.7 offers, via the EAC, the choice to use external authentication instead of the usual username and password.

We are in the early stages of considering using LDAP for this. Has anyone tried using this? What steps are required? And above all, does it work?

Thanks
 
Sort by date Sort by votes
Hi, Yes implemented both CICS and Tuxedo LDAP access. Tuxedo is straight forward through the EAC, CICS needs some manual changed to the EAMLDAP.c file in the ecp source area. you have to provide LDAP_HOST, LDAP_PORT, LDAP_USER_BASE, LDAP_USER and LDAP_PASSWORD (The last two only is ACTIVE DIRECTORY is used without the anonymous login enabled.
Recompile ETP or ECP.
restart Tuxedo/CICS (cold start)
change bypass welcome flag in District Control.
Off you go.
Leen van Gent
 
Upvote 0 Downvote
Thanks Ivangent.

Is there a way to deal with users who do not have an AD entry, i.e. share a PC login with others? Does this work with Citrix clients?

Regards
 
Upvote 0 Downvote
The ldap implementation of ECP / ETP is not a single sign-on implementation. you still have to connect using host authentication which is redirected to the LDAP/AD server.
On Citrix you would login with your windows username/password in the ellipse explorer and have a matching signon profile in ellipse.
Mincom is in the process of implementing a single sign-on but that will take at least another 6 months before available. No problems with citrix or shared pc's. By the way Citrix is the best way of client deployment from a management point of view that is.
 
Upvote 0 Downvote
Interesting thread. We are in the process of upgrading from MIMS4.3 to Ellipse 6.1 and have attempted to configure external authentication via CICS/ECP. The first thing we noticed was that CICS truncates the userid and password to 8 characters. Mincom have confirmed that it is a current limitation of EAMLDAP.
 
Upvote 0 Downvote
We have used it here since going tro version 5.2.3.7 by allowing cics to validate the user. Downside is your password is limited to 8 characters. what version of eac are you running?
 
Upvote 0 Downvote
We are using eac31_11. We are already limited to 8 characters due to enhanced security. Was it easy to set up, i.e following the advice above?
 
Upvote 0 Downvote
Mincom have fixed their External Authentication 8 character limitation on both userid and password lengths. ECP 3.4 fixes this issue. We are now successfully using host authentication against MSAD. It was easy to setup once Mincom provided their undocumented instructions.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ShahirHiralal
  • Locked
  • Question
Connect to Ellipse 6.3 Error - Host Authentication
Replies
2
Views
232
ShahirHiralal
ShahirHiralal
Aphramzo
  • Locked
  • Question
Using Host Authentication via CICS
Replies
2
Views
88
Aphramzo
Aphramzo
cgainey
  • Locked
  • Question
Authentication for Ellipse
Replies
1
Views
51
mimsaholic
mimsaholic
payers
  • Locked
  • Question
Unix Host Authentication of Userids in Ellipse
Replies
2
Views
72
payers
payers

Part and Inventory Search

Sponsor

Back
Top