How to Save and Restore Single Sign On objects

Question & Answer

Question

Answer

Single Sign On for the IBM i consists of EIM (LDAP) and Network Authentication (Kerberos) and the following objects

1. EIM is basically LDAP data and is stored in the LDAP data library of QUSRDIRDB by default. If a different library is used or using an LDAP instance that is not the default you can verify what library is being used by looking at the file /qibm/userdata/os400/DirSrv/idsslapd-<INSTANCE>/etc/ibmslapd.conf where <INSTANCE> is the name of the LDAP instance and look for ibm-slapdDbInstance

example; ibm-slapdDbInstance: /QSYS.LIB/QUSRDIRDB.LIB

2. Network Authentication data is IFS files located in /qibm/userdata/os400/NetworkAuthentication

3. The configuration setting for EIM are stored as part of an internal object of the QSYS user profile.

Note- This document is not intended for use for Replication and High Availability of Single Sign On as there are many other factors that go into these scenarios and configuring that environment is not covered under Software Maintenance.

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.1.0"}]

Tips

How to Save and Restore Single Sign On objects

Question & Answer

Question

Answer

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?