ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahy_5.4.0.1/rzahydigest.htm

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights                   -->
<!-- Use, duplication or disclosure restricted by            -->
<!-- GSA ADP Schedule Contract with IBM Corp.                -->
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Directory Server (LDAP) - Configure DIGEST-MD5 authentication on the Directory Server</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link --> 
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>

<img src="delta.gif" alt="Start of change" /><img src="delta.gif" alt="Start of change" />
<a name="rzahydigest"></a>
<h3 id="rzahydigest">Configure DIGEST-MD5 authentication on the Directory Server</h3>
<p>DIGEST-MD5 is an SASL authentication mechanism. When a client uses DIGEST-MD5,
the password is not transmitted in clear text and the protocol prevents replay
attacks. The Web administration tool is used to configure DIGEST-MD5.</p>
<p></p>
<ol type="1">
<li>Under <span class="bold">Server administration</span>, expand the <span class="bold">Manage security properties</span> category in the navigation
area and select the <span class="bold">DIGEST-MD5</span> tab.
<a name="wq306"></a>
<div class="notetitle" id="wq306">Note:</div>
<div class="notebody">To change server configuration settings using the tasks in the Server administration
category of the Web Administration tool, you must authenticate to the server
as an i5/OS user profile that has *ALLOBJ and IOSYSCFG special authorities.
 This can be done by authenticating as a projected user with the password
for that profile.  To bind as a projected user from the Web administration
tool, enter a username of the form <tt class="xph">os400-profile=MYUSERNAME,cn=accounts,os400-sys=MYSYSTEM.COM</tt>, where MYUSERNAME and the MYSYSTEM.COM strings are replaced with your
user profile name and the configured system projection suffix, respectively.</div></li>
<li>Under <span class="bold">Server realm</span>, use the preselected <span class="bold">Default</span> setting, which is the fully qualified host
name of the server, or you can click <span class="bold">Realm</span> and
type the name of the realm that you want to configure the server as. This
realm name is used by the client to determine which user name and password
to use. When using replication, you want to have all the servers configured
with the same realm.</li>
<li>Under <span class="bold">Username</span> attribute, use the preselected <span class="bold">Default</span> setting, which is uid, or you can click <span class="bold">Attribute</span> and type the name of the attribute that
you want the server to use to uniquely identify the user entry during DIGEST-MD5
SASL binds.</li>
<li>If you are logged in as the directory administrator, under <span class="bold">Administrator username</span>, type the administrator username. This field cannot
be edited by members of the administrative group. If the username specified
on a DIGEST-MD5 SASL bind matches this string, the user is the administrator.
<a name="wq307"></a>
<div class="notetitle" id="wq307">Note:</div>
<div class="notebody">The administrator username is case-sensitive.</div></li>
<li>When you are finished, click <span class="bold">OK</span>.</li></ol><img src="deltaend.gif" alt="End of change" /><img src="deltaend.gif" alt="End of change" />
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="utf-8"?>`
			`<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"`
			`"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="dc.language" scheme="rfc1766" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<meta name="dc.date" scheme="iso8601" content="2005-09-06" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow"/>`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<title>Directory Server (LDAP) - Configure DIGEST-MD5 authentication on the Directory Server</title>`
			`<link rel="stylesheet" type="text/css" href="ibmidwb.css" />`
			`<link rel="stylesheet" type="text/css" href="ic.css" />`
			`</head>`
			`<body>`
			`<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->`
			`<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>`

			`<img src="delta.gif" alt="Start of change" /><img src="delta.gif" alt="Start of change" />`
			`<a name="rzahydigest"></a>`
			`<h3 id="rzahydigest">Configure DIGEST-MD5 authentication on the Directory Server</h3>`
			`<p>DIGEST-MD5 is an SASL authentication mechanism. When a client uses DIGEST-MD5,`
			`the password is not transmitted in clear text and the protocol prevents replay`
			`attacks. The Web administration tool is used to configure DIGEST-MD5.</p>`
			`<p></p>`
			`<ol type="1">`
			`<li>Under <span class="bold">Server administration</span>, expand the <span class="bold">Manage security properties</span> category in the navigation`
			`area and select the <span class="bold">DIGEST-MD5</span> tab.`
			`<a name="wq306"></a>`
			`<div class="notetitle" id="wq306">Note:</div>`
			`<div class="notebody">To change server configuration settings using the tasks in the Server administration`
			`category of the Web Administration tool, you must authenticate to the server`
			`as an i5/OS user profile that has *ALLOBJ and IOSYSCFG special authorities.`
			`This can be done by authenticating as a projected user with the password`
			`for that profile. To bind as a projected user from the Web administration`
			`tool, enter a username of the form <tt class="xph">os400-profile=MYUSERNAME,cn=accounts,os400-sys=MYSYSTEM.COM</tt>, where MYUSERNAME and the MYSYSTEM.COM strings are replaced with your`
			`user profile name and the configured system projection suffix, respectively.</div></li>`
			`<li>Under <span class="bold">Server realm</span>, use the preselected <span class="bold">Default</span> setting, which is the fully qualified host`
			`name of the server, or you can click <span class="bold">Realm</span> and`
			`type the name of the realm that you want to configure the server as. This`
			`realm name is used by the client to determine which user name and password`
			`to use. When using replication, you want to have all the servers configured`
			`with the same realm.</li>`
			`<li>Under <span class="bold">Username</span> attribute, use the preselected <span class="bold">Default</span> setting, which is uid, or you can click <span class="bold">Attribute</span> and type the name of the attribute that`
			`you want the server to use to uniquely identify the user entry during DIGEST-MD5`
			`SASL binds.</li>`
			`<li>If you are logged in as the directory administrator, under <span class="bold">Administrator username</span>, type the administrator username. This field cannot`
			`be edited by members of the administrative group. If the username specified`
			`on a DIGEST-MD5 SASL bind matches this string, the user is the administrator.`
			`<a name="wq307"></a>`
			`<div class="notetitle" id="wq307">Note:</div>`
			`<div class="notebody">The administrator username is case-sensitive.</div></li>`
			`<li>When you are finished, click <span class="bold">OK</span>.</li></ol><img src="deltaend.gif" alt="End of change" /><img src="deltaend.gif" alt="End of change" />`
			`<a id="Bot_Of_Page" name="Bot_Of_Page"></a>`
			`</body>`
			`</html>`