ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/rzakhkerberosscenario_allowtrustedconnections.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Allow trusted connections for the central system" />
<meta name="DC.Relation" scheme="URI" content="rzakhscenmc2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_verifykerberosprincipal.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_repeatsteps4through6.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhkerberosscenario_allowtrustedconnections" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Allow trusted connections for the central system</title>
</head>
<body id="rzakhkerberosscenario_allowtrustedconnections"><a name="rzakhkerberosscenario_allowtrustedconnections"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Allow trusted connections for the central system</h1>
<div><div class="section">After the remote command runs successfully to the endpoint systems,
you need to allow trusted connections among Management Central servers. This
ensures that only the central system for MyCo2 system group (iSeries™ A)
can run tasks to the target systems.</div>
<ol><li><span>In iSeries Navigator,
right-click <span class="uicontrol">Management Central (iSeriesA)</span> and select <span class="uicontrol">Properties</span>.</span></li>
<li><span>On the <span class="uicontrol">Security</span> tab, select <span class="uicontrol">Use
Kerberos authentication</span> and set the authentication level to <span class="uicontrol">Allow
only trusted connections</span>.</span></li>
<li><span>Select <span class="uicontrol">Do not use</span> in the <span class="uicontrol">Identity
Mapping</span> field.</span></li>
<li><span>A dialog box is displayed that indicates that the changes to these
settings affect only this central system and that Kerberos must be properly
configured before these settings can be used by the Management Central server
jobs. Click <span class="uicontrol">OK</span>.</span></li>
</ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhscenmc2.htm" title="Use the following scenario to become familiar with the prerequisites and objectives for using Kerberos authentication between Management Central servers.">Scenario: Use Kerberos authentication between Management Central servers</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzakhkerberosscenario_verifykerberosprincipal.htm">Verify the Kerberos principals are added to the trusted group file</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzakhkerberosscenario_repeatsteps4through6.htm">Repeat Steps 4 through 6 for target systems</a></div>
</div>
</div>
</body>
</html>