 |
The Question is:
We would like to be able to provide customers with one userid and password for
all applications and operating systems. Ideally, authentication would be
redirected to the LDAP directory of the customer's choice and, after
successful authentication, the goo
d password would be synchronized with the local password database on the
platform or application, if one existed. This would allow local authentication
failover in cases where redirection could not be achieved. It would be
acceptible to just be able to d
etect local password changes and sync the new password to other platforms and
applications. We can do this for every major operating system except OpenVMS.
Are there and APIs available to aid us? Kerberos is not the answer because
it is not supported i
n too many places. I've read that there is a SDK for developers to write to
ACME. Is there and if so how do I get it? Thanks.
The Answer is :
External authentication mechanisms presently available for OpenVMS
include the Kerberos mechanism used on most UNIX platforms and on
Microsoft Windows 2000 and later, as well as the LAN Manager
authentication environment used within other Microsoft-based
environments.
An ACME External Authentication Software Developer's Kit (SDK) is
expected to ship with the OpenVMS Alpha V7.3-2 field test release,
and is expected to contain documentation and modified versions of
the LOGINOUT.EXE and SETP0.EXE (SET PASSWORD) images that specifically
use the ACME framework. Additionally, an Enterprise Directory (LDAP)
authentication evaluation kit is expected with the OpenVMS release.
Early copies of the ACME documentation have been made available outside
HP via formal request, as well -- mechanisms such as Radius-based
authentication integration with ACME are reportedly under some level
of development. For details on current Radius authentication, please
see the pointers in the OpenVMS Frequently Asked Questions (FAQ).
|
|
|
|
|
