friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6290434003
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakh_5.4.0.1/rzakhnasscenario_configurenasseriesa.htm

86 lines
6.6 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Configure network authentication service on iSeries A" />
<meta name="DC.Relation" scheme="URI" content="rzakhscen1.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhnasscenario_planningworksheets.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhnasscenario_addiseriesaprincipal.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhnasscenario_configurenasseriesa" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Configure network authentication service on iSeries A</title>
</head>
<body id="rzakhnasscenario_configurenasseriesa"><a name="rzakhnasscenario_configurenasseriesa"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Configure network authentication service on iSeries A</h1>
<div><div class="section">The stage needs to be set just so.</div>
<ol><li class="stepexpand"><span>In iSeries™ Navigator,
expand <span class="menucascade"><span class="uicontrol">iSeries A</span> &gt; <span class="uicontrol">Security</span></span>.</span></li>
<li class="stepexpand"><span>Right-click <span class="uicontrol">Network Authentication Service</span> and
select <span class="uicontrol">Configure</span> to start the configuration wizard.</span> <div class="note"><span class="notetitle">Note:</span> After you have configured network authentication service, this
option will be <span class="uicontrol">Reconfigure</span>.</div>
</li>
<li class="stepexpand"><span>Review the <span class="uicontrol">Welcome</span> page for information
about what objects the wizard creates. Click <span class="uicontrol">Next</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Specify realm information</span> page, enter <tt>MYCO.COM</tt> in
the <span class="uicontrol">Default realm</span> field and select <span class="uicontrol">Microsoft
Active Directory is used for Kerberos authentication</span>. Click <span class="uicontrol">Next</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Specify KDC information</span> page, enter <tt>kdc1.myco.com</tt> for
the Kerberos server in the <span class="uicontrol">KDC</span> field and enter <tt>88</tt> in
the <span class="uicontrol">Port</span> field. Click <span class="uicontrol">Next</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Specify password information</span> page,
select <span class="uicontrol">Yes</span>. Enter <tt>kdc1.myco.com</tt> in the <span class="uicontrol">Password
server</span> field and <tt>464</tt> in the <span class="uicontrol">Port</span> field.
Click <span class="uicontrol">Next</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Select keytab entries</span> page, select <span class="uicontrol"> i5/OS
Kerberos Authentication</span>. Click <span class="uicontrol">Next</span>.</span></li>
<li class="stepexpand"><span>On the <span class="uicontrol">Create i5/OS keytab entry</span> page, enter
and confirm a password. </span> For example, <kbd class="userinput">iseriesa123</kbd>. This password will be used when iSeries A is added to the Kerberos server. <div class="note"><span class="notetitle">Note:</span> Any
and all passwords used within this scenario are for example purposes only.
They should not be used during an actual configuration.</div>
Click <span class="uicontrol">Next</span>.</li>
<li class="stepexpand"><strong>Optional: </strong><span>On the <span class="uicontrol">Create batch file</span> page,
select <span class="uicontrol">Yes</span> to create this file, and specify the following
information:</span> <ul><li><span class="uicontrol">Batch file:</span> Add the text <tt>iseriesa</tt> to the
end of the default batch file name. For example, <tt>C:\Documents and Settings\All
Users\Documents\IBM\Client Access\NASConfigiseriesa.bat</tt>.</li>
<li>Select <span class="uicontrol">Include password</span>. This ensures that all
passwords associated with the i5/OS™ service principal are included in
the batch file. It is important to note that passwords are displayed in clear
text and can be read by anyone with read access to the batch file. Therefore,
it is recommended that you delete the batch file from the Kerberos server
and from your PC immediately after use.<div class="note"><span class="notetitle">Note:</span> Alternatively, you can add service
principals that are generated by the wizard manually to the Kerberos server.
If you want to know how to manually add the i5/OS service principal to the Kerberos
server, see <a href="rzakhdefineiseries.htm#rzakhdefineiseries">Add i5/OS principals to the Kerberos server</a>.</div>
</li>
</ul>
</li>
<li class="stepexpand"><span>On the <span class="uicontrol">Summary</span> page, review the network
authentication service configuration details. Click <span class="uicontrol">Finish</span>.</span></li>
</ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhscen1.htm" title="Use the following scenario to become familiar with the prerequisites and objectives of adding network authentication service to your network.">Scenario: Configure network authentication service</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzakhnasscenario_planningworksheets.htm">Complete the planning work sheets</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzakhnasscenario_addiseriesaprincipal.htm">Add iSeries A principal to the Kerberos server</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink