|
HP OpenVMS Systemsask the wizard |
|
The Question is: We would like to be able to provide customers with one userid and password for all applications and operating systems. Ideally, authentication would be redirected to the LDAP directory of the customer's choice and, after successful authentication, the goo d password would be synchronized with the local password database on the platform or application, if one existed. This would allow local authentication failover in cases where redirection could not be achieved. It would be acceptible to just be able to d etect local password changes and sync the new password to other platforms and applications. We can do this for every major operating system except OpenVMS. Are there and APIs available to aid us? Kerberos is not the answer because it is not supported i n too many places. I've read that there is a SDK for developers to write to ACME. Is there and if so how do I get it? Thanks. The Answer is : External authentication mechanisms presently available for OpenVMS include the Kerberos mechanism used on most UNIX platforms and on Microsoft Windows 2000 and later, as well as the LAN Manager authentication environment used within other Microsoft-based environments. An ACME External Authentication Software Developer's Kit (SDK) is expected to ship with the OpenVMS Alpha V7.3-2 field test release, and is expected to contain documentation and modified versions of the LOGINOUT.EXE and SETP0.EXE (SET PASSWORD) images that specifically use the ACME framework. Additionally, an Enterprise Directory (LDAP) authentication evaluation kit is expected with the OpenVMS release. Early copies of the ACME documentation have been made available outside HP via formal request, as well -- mechanisms such as Radius-based authentication integration with ACME are reportedly under some level of development. For details on current Radius authentication, please see the pointers in the OpenVMS Frequently Asked Questions (FAQ).
|