docmain.css" /> Option A. An authenticating directory with primary user objects. - Automated Sign-On for Mainframe Administrator Guide

Option A. An authenticating directory with primary user objects.

Conditions:

  • Mainframe usernames are stored on the same LDAP directory that is used to authenticate your users.

  • Every user has a single unique object.

  • Each object has multiple attributes.

  • An attribute is needed to search for mainframe usernames.

Implementation scenarios:

  1. Add an attribute to an object.

    Advantages:

    • The LDAP schema is similar to a template.

    • One user can have multiple mainframe usernames (attributes).

    Disadvantage: Requires a change in schema.

  2. Re-purpose an unused attribute.

    Advantage: No change in schema is required.