friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/rzakhtestnas.htm

92 lines
6.1 KiB
HTML
Raw Normal View History

Add readme and dist folders
2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Test network authentication service configuration" />
<meta name="abstract" content="Test the network authentication service configuration by requesting a ticket granting ticket for your i5/OS principal." />
<meta name="description" content="Test the network authentication service configuration by requesting a ticket granting ticket for your i5/OS principal." />
<meta name="DC.Relation" scheme="URI" content="rzakhconfig.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhhome.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhtestnas" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Test network authentication service configuration</title>
</head>
<body id="rzakhtestnas"><a name="rzakhtestnas"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Test network authentication service configuration</h1>
<div><p>Test the network authentication service configuration by requesting
a ticket granting ticket for your i5/OS™ principal.</p>
<div class="p"><div class="p">After you have created the home directories for each user that
will connect to the i5/OS applications, you can test the network authentication
service configuration by requesting a ticket granting ticket for your i5/OS principal.
Before requesting a ticket, you should ensure that these common errors are
fixed:<ul><li>Do you have all the prerequisites for network authentication service?</li>
<li>Does a home directory exist on the iSeries™ for the user issuing the ticket
request? See <a href="rzakhhome.htm#rzakhhome">Create a home directory</a> for details.</li>
<li>Do you have the correct password for the i5/OS principal? This password was created
during network authentication configuration and should be specified in your
planning worksheets.</li>
<li>Have you added the i5/OS principal to the Kerberos server? See <a href="rzakhdefineiseries.htm#rzakhdefineiseries">Add i5/OS principals to the Kerberos server</a> for
details.</li>
</ul>
</div>
</div>
<div class="p"><span>To test network authentication service, complete the following
steps:</span><ol type="a"><li class="substepexpand"><span>On a command line, enter <tt>QSH</tt> to start the Qshell Interpreter.</span></li>
<li class="substepexpand"><span>Enter <tt>keytab list</tt> to display a list of principals registered
in the keytab file.</span> The following results should display:<pre class="screen">Principal: krbsvr400/iseriesa.myco.com@MYCO.COM
Key version: 2
Key type: 56-bit DES using key derivation
Entry timestamp: 200X/05/29-11:02:58 </pre>
</li>
<li class="substepexpand"><span>Enter <tt>kinit -k krbsvr400/fully qualified host name@REALM
NAME</tt> to request a ticket-granting ticket from the Kerberos server.</span> For example, krbsvr400/iseriesa.myco.com@MYCO.COM might be a valid
principal name for the iSeries. This command verifies that
your iSeries server
has been configured properly and the password in the keytab file matches the
password stored on the Kerberos server. If this is successful then the QSH
command will display without errors.</li>
<li class="substepexpand"><span>Enter <tt>klist</tt> to verify that the default principal is
krbsvr400/fully qualified host name @REALM NAME. </span> This command
displays the contents of a Kerberos credentials cache and verifies that a
valid ticket has been created for the iSeries service principal and placed
within the credentials cache on the iSeries system. <pre class="screen"> Ticket cache: FILE:/QIBM/USERDATA/OS400/NETWORKAUTHENTICATION/creds/krbcred
Default principal: krbsvr400/iseriesa.myco.com@MYCO.COM
Server: krbtgt/MYCO.COM@MYCO.COM
Valid 200X/06/09-12:08:45 to 20XX/11/05-03:08:45
$ </pre>
</li>
</ol>
</div>
<div class="section"><p><strong>What do I do next:</strong></p>
<p><a href="../rzalv/rzalvcnfg.htm">Configure Enterprise Identity Mapping (EIM)</a> This step
is optional if you are using network authentication service with your own
applications. However, it is recommended for use with IBM<sup>®</sup> supplied applications to create a single
signon environment.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhconfig.htm" title="Configure network authentication service on your systems.">Configure network authentication service</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzakhhome.htm" title="Create a home directory for each user that will connect to the i5/OS applications.">Create a home directory</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink