Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ITDS 6 questions - data replication to RACF

1 view
Skip to first unread message

Siegfried Hanisch IBM

unread,
Feb 15, 2007, 9:00:08 AM2/15/07
to
Hi

Next question my customer had was, if there is a simple way of
replicating data from ITDS 6 directly to zOS RACF, without using
Directory Integrator. Currently they use a self-written application for
data synchronization for this, and they want to know if there is some
built-in easy ways of doing such things (users, groups, group memberships).

Siggi

jmc...@us.ibm.com

unread,
Feb 15, 2007, 5:18:29 PM2/15/07
to
Replication to the z/OS LDAP server is possible, but it requires extra
work to set it up. Since you're an IBMer, you might want to take this to
the software.directory forum on ibmforums.ibm.com where you might catch
someone more knowledgeable on z/OS LDAP as well.

I don't believe the z/OS server supports multi-master replication, so this
would have to be one-way replication.

John McMeeking

Ulrich Boche

unread,
Feb 16, 2007, 8:00:36 AM2/16/07
to
The new ITDS on z/OS V1R8 which will become available on March 30, 2007
will be able to replicate with other servers. I'm doubtful however that
you will be able to replicate the SDBM backend (which is the LDAP
server's connection to RACF) with any other directory.

I would assume that ITDI is still your best bet for this task. Getting
user and group data into RACF via LDAP is not a problem, all you would
need is an application using the LDAP client API. However, picking up
changes from RACF requires processing of the LDAP change log (GDBM
backend) which can also be done using the client API but, I think, this
is non-trivial and would require a fair amount of programming work.
--
Ulrich Boche
SVA GmbH, Germany
IBM Premier Business Partner

0 new messages