Next question my customer had was, if there is a simple way of
replicating data from ITDS 6 directly to zOS RACF, without using
Directory Integrator. Currently they use a self-written application for
data synchronization for this, and they want to know if there is some
built-in easy ways of doing such things (users, groups, group memberships).
Siggi
I don't believe the z/OS server supports multi-master replication, so this
would have to be one-way replication.
John McMeeking
I would assume that ITDI is still your best bet for this task. Getting
user and group data into RACF via LDAP is not a problem, all you would
need is an application using the LDAP client API. However, picking up
changes from RACF requires processing of the LDAP change log (GDBM
backend) which can also be done using the client API but, I think, this
is non-trivial and would require a fair amount of programming work.
--
Ulrich Boche
SVA GmbH, Germany
IBM Premier Business Partner