friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamz_5.4.0.1/rzamzcompletetheplanningworksheets3.htm

188 lines
11 KiB
HTML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Complete the planning work sheets" />
<meta name="DC.Relation" scheme="URI" content="rzamzsynchconfig.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamzcreateasystemgroup.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzamzcompletetheplanningworksheets" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Complete the planning work sheets</title>
</head>
<body id="rzamzcompletetheplanningworksheets"><a name="rzamzcompletetheplanningworksheets"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Complete the planning work sheets</h1>
<div><div class="section"><p>The following planning work sheets are tailored to fit this scenario
based on the general single signon <a href="rzamzssoplanworksheet.htm#rzamzssoplanworksheet">planning worksheets</a>. These planning work sheets demonstrate
the information that you need to gather and the decisions you need to make
to prepare for this scenario. To ensure a successful implementation, you must
be able to answer Yes to all prerequisite items in the work sheet and you
should gather all the information necessary to complete the work sheets before
you perform any configuration tasks.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 1. Propagate network authentication service and EIM - prerequisite work
sheet</caption><thead align="left"><tr><th valign="top" width="60%" id="d0e24">Prerequisite work sheet</th>
<th valign="top" width="40%" id="d0e26">Answers </th>
</tr>
</thead>
<tbody><tr><td align="left" valign="top" width="60%" headers="d0e24 ">Is your <span class="keyword">iSeries™</span> V5R3
(5722-SS1) or later for the following systems:<ul><li><span class="keyword">iSeries</span> MC1</li>
<li><span class="keyword">iSeries</span> A</li>
<li><span class="keyword">iSeries</span> B</li>
<li><span class="keyword">iSeries</span> C</li>
</ul>
</td>
<td align="left" valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td valign="top" width="60%" headers="d0e24 ">Have you applied the latest program temporary fixes
(PTFs)?</td>
<td valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td valign="top" width="60%" headers="d0e24 ">For <span class="keyword">iSeries</span> D,
is your <span class="keyword">iSeries</span> V5R2 (5722-SS1)
or later?</td>
<td valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td valign="top" width="60%" headers="d0e24 ">For <span class="keyword">iSeries</span> D,
have you applied the latest program temporary fixes (PTFs), including the
following:<ul><li>SI08977</li>
<li>SI08979</li>
</ul>
</td>
<td valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td valign="top" width="60%" headers="d0e24 ">Are the following options and licensed products installed
on all your <span class="keyword">iSeries</span> systems?<ul><li><span class="keyword">iSeries</span> Host Servers (5722-SS1
Option 12)</li>
<li><span class="keyword">iSeries</span> (5722-XE1) </li>
<li>Cryptographic Access Provider (5722-AC3) for V5R2 or V5R3
systems</li>
</ul>
</td>
<td valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td align="left" valign="top" width="60%" headers="d0e24 ">Is <span class="keyword">i5/OS™</span> V5R3
or later <span class="keyword">iSeries</span> (5722-XE1)
installed on the administrator's PC?</td>
<td align="left" valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td align="left" valign="top" width="60%" headers="d0e24 ">Is <span class="keyword">i5/OS</span> V5R3
or later iSeries Navigator
installed on the administrator's PC?<ul><li>Is the Network subcomponent of <span class="keyword">iSeries Navigator</span> installed
on the administrator's PC?</li>
<li>Is the Security subcomponent of <span class="keyword">iSeries Navigator</span> installed
on the administrator's PC?</li>
</ul>
</td>
<td align="left" valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td valign="top" width="60%" headers="d0e24 ">Have you installed the latest IBM<img src="eserver.gif" alt="e(logo) server" /> <span class="keyword">iSeries Access for Windows<sup>®</sup></span> service
pack? For the latest service pack see <a href="http://www-1.ibm.com/servers/eserver/iseries/access/casp.htm" target="_blank">iSeries Access</a><img src="www.gif" alt="link outside the Information Center" />.</td>
<td valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td align="left" valign="top" width="60%" headers="d0e24 ">Do you have *SECADM, *ALLOBJ, and *IOSYSCFG
special authorities?</td>
<td align="left" valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td align="left" valign="top" width="60%" headers="d0e24 ">Do you have one of the following systems
acting as the Kerberos server? If yes, specify which system.<ol><li>Microsoft<sup>®</sup> <span class="keyword">Windows 2000</span> Server<div class="note"><span class="notetitle">Note:</span> Microsoft <span class="keyword">Windows 2000</span> Server uses Kerberos authentication
as its default security mechanism. </div>
</li>
<li>Windows <sup>(R)</sup> Server
2003</li>
<li><span class="keyword">i5/OS</span> PASE (V5R3 or
later)</li>
<li>AIX<sup>®</sup> server</li>
<li>zSeries<sup>®</sup></li>
</ol>
</td>
<td align="left" valign="top" width="40%" headers="d0e26 ">Yes, <span class="keyword">Windows 2000</span> Server</td>
</tr>
<tr><td align="left" valign="top" width="60%" headers="d0e24 ">For <span class="keyword">Windows 2000</span> Server
and Windows <sup>(R)</sup> Server
2003, do you have Windows Support Tools (which provides the ktpass
tool) installed?</td>
<td align="left" valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
<tr><td align="left" valign="top" width="60%" headers="d0e24 ">Is the <span class="keyword">iSeries</span> system
time within 5 minutes of the system time on the Kerberos server? If not see <a href="../rzakh/rzakhsync.htm">Synchronize system
times</a>.</td>
<td align="left" valign="top" width="40%" headers="d0e26 ">Yes</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" width="100%" frame="border" border="1" rules="all"><caption>Table 2. Propagate network authentication
service and EIM - planning work sheet</caption><thead align="left"><tr><th valign="top" width="54.08163265306123%" id="d0e266">Planning work sheet for propagating the
network authentication service and EIM configurations from <span class="keyword">iSeries</span> A
to <span class="keyword">iSeries</span> B and <span class="keyword">iSeries</span> C</th>
<th valign="top" width="45.91836734693878%" id="d0e280">Answers </th>
</tr>
</thead>
<tbody><tr><td valign="top" width="54.08163265306123%" headers="d0e266 ">What is the name of the system group?</td>
<td valign="top" width="45.91836734693878%" headers="d0e280 ">MyCo system group</td>
</tr>
<tr><td valign="top" width="54.08163265306123%" headers="d0e266 ">Which systems will be included in this system group?</td>
<td valign="top" width="45.91836734693878%" headers="d0e280 "><span class="keyword">iSeries</span> B, <span class="keyword">iSeries</span> C</td>
</tr>
<tr><td valign="top" width="54.08163265306123%" headers="d0e266 ">Which system is the model system?</td>
<td valign="top" width="45.91836734693878%" headers="d0e280 "><span class="keyword">iSeries</span> A</td>
</tr>
<tr><td valign="top" width="54.08163265306123%" headers="d0e266 ">Which functions do you plan to propagate to this system
group?</td>
<td valign="top" width="45.91836734693878%" headers="d0e280 ">Network authentication service and Enterprise Identity
Mapping (EIM) </td>
</tr>
<tr><td valign="top" width="54.08163265306123%" headers="d0e266 ">Which type of keytab entries do you want to add to the
keytab file for the target systems?</td>
<td valign="top" width="45.91836734693878%" headers="d0e280 "><span class="keyword">i5/OS</span> Kerberos
Authentication</td>
</tr>
<tr><td valign="top" width="54.08163265306123%" headers="d0e266 ">What are the passwords that are associated with each
of the service principals for the model and target systems?<div class="note"><span class="notetitle">Note:</span> Any and all
passwords specified in this scenario are for example purposes only. To prevent
a compromise to your system or network security, you should never use these
passwords as part of your own configuration.</div>
</td>
<td valign="top" width="45.91836734693878%" headers="d0e280 "><p>Password for the principals for<br />
iSeries A, B, and C: <tt>iseriesa123</tt><br />
Password for the principal for<br />
iSeries D: <tt>iseriesd123</tt></p>
</td>
</tr>
<tr><td valign="top" width="54.08163265306123%" headers="d0e266 ">Which user do you want to use to connect to the domain
controller?</td>
<td valign="top" width="45.91836734693878%" headers="d0e280 "><p><span class="uicontrol">User type:</span> <tt>Distinguished name and password</tt><br />
<span class="uicontrol">Distinguished name: </span><tt>cn=administrator</tt><br />
<span class="uicontrol">Password:</span> <tt>mycopwd</tt></p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamzsynchconfig.htm" title="This scenario demonstrates how to use the Synchronize Functions wizard in iSeries™ Navigator to propagate a single signon configuration across multiple systems in a mixed OS/400® release environment. Administrators can save time by configuring single signon once and propagating that configuration to all of their systems, instead of configuring each system individually.">Scenario: Propagate network authentication service and EIM across multiple systems</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzamzcreateasystemgroup.htm">Create a system group</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink