IBM Tivoli Directory Server for z/OS


Book Description

This IBM® Redbooks® publication examines the IBM Tivoli® Directory Server for z/OS®. IBM Tivoli Directory Server is a powerful Lightweight Directory Access Protocol (LDAP) infrastructure that provides a foundation for deploying comprehensive identity management applications and advanced software architectures. This publication provides an introduction to the IBM Tivoli Directory Server for z/OS that provides a brief summary of its features and a examination of the possible deployment topologies. It discusses planning a deployment of IBM Tivoli Directory Server for z/OS, which includes prerequisites, planning considerations, and data stores, and provides a brief overview of the configuration process. Additional chapters provide a detailed discussion of the IBM Tivoli Directory Server for z/OS architecture that examines the supported back ends, discusses in what scenarios they are best used, and provides usage examples for each back end. The discussion of schemas breaks down the schema and provides guidance on extending it. A broad discussion of authentication, authorization, and security examines the various access protections, bind mechanisms, and transport security available with IBM Tivoli Directory Server for z/OS. This chapter also provides an examination of the new Password Policy feature. Basic and advanced replication topologies are also covered. A discussion on plug-ins provides details on the various types of plug-ins, the plug-in architecture, and creating a plug-in, and provides an example plug-in. Integration of IBM Tivoli Directory Server for z/OS into the IBM Workload Manager environment is also covered. This publication also provides detailed information about the configuration of IBM Tivoli Directory Server for z/OS. It discusses deploying IBM Tivoli Directory Server for z/OS on a single system, with examples of configuring the available back ends. Configuration examples are also provided for deploying the server in a Sysplex, and for both basic and advanced replication topologies. Finally it provides guidance on monitoring and debugging IBM Tivoli Directory Server for z/OS.




Integrating IBM Security and SAP Solutions


Book Description

Many large and medium-sized organizations have made strategic investments in the SAP NetWeaver technology platform as their primary application platform. In fact, SAP software is used to manage many core business processes and data. As a result, it is critical for all organizations to manage the life cycle of user access to the SAP applications while adhering to security and risk compliance requirements. In this IBM® Redbooks® publication, we discuss the integration points into SAP solutions that are supported by the IBM Security access and identity management product capabilities. IBM Security software offers a range of identity management (IdM) adapters and access management components for SAP solutions that are available with IBM Tivoli® Identity Manager, IBM Tivoli Directory Integrator, IBM Tivoli Directory Server, IBM Access Manager for e-business, IBM Tivoli Access Manager for Enterprise Single Sign-On, and IBM Tivoli Federated Identity Manager. This book is a valuable resource for security officers, consultants, administrators, and architects who want to understand and implement an identity management solution for an SAP environment.




z/OS: WebSphere Business Process Management V7 Production Topologies


Book Description

In this IBM® Redbooks® publication, we address the configuration, administration, and security of the key runtime environments in business process management: WebSphere® Process Server V7.0 and WebSphere Business Services Fabric V7.0 for z/OS®. This book provides detailed guidance to z/OS system and database administrators who want to configure WebSphere Business Process Management production topologies. We introduce production topology concepts and terminology and explore the differences between production topologies on distributed platforms and z/OS. Through a series of step-by-step instructions, you will learn how to create and verify a production topology environment for WebSphere Process Server V7 for z/OS. We extend the production topology concept for WebSphere Process Server by describing step-by-step how to add WebSphere Business Services Fabric V7 for z/OS into the topology. You also get problem diagnosis and prevention guidance to use when you create your own production topologies. A separate publication that covers distributed platforms is also available: "WebSphere Business Process Management V7 Production Topologies," SG24-7854.




ABCs of IBM z/OS System Programming Volume 6


Book Description

The ABCs of IBM® z/OS® System Programming is an 11-volume collection that provides an introduction to the z/OS operating system and the hardware architecture. Whether you are a beginner or an experienced system programmer, the ABCs collection provides the information that you need to start your research into z/OS and related subjects. If you want to become more familiar with z/OS in your current environment or if you are evaluating platforms to consolidate your e-business applications, the ABCs collection can serve as a powerful technical tool. Following are the contents of the volumes: Volume 1: Introduction to z/OS and storage concepts, TSO/E, ISPF, JCL, SDSF, and z/OS delivery and installation Volume 2: z/OS implementation and daily maintenance, defining subsystems, JES2 and JES3, LPA, LNKLST, authorized libraries, IBM Language Environment®, and SMP/E Volume 3: Introduction to DFSMS, data set basics, storage management hardware and software, VSAM, System-managed storage, catalogs, and DFSMStvs Volume 4: Communication Server, TCP/IP, and IBM VTAM® Volume 5: Base and IBM Parallel Sysplex®, System Logger, Resource Recovery Services (RRS), global resource serialization (GRS), z/OS system operations, automatic restart management (ARM), and IBM Geographically Dispersed Parallel SysplexTM (IBM GDPS®) Volume 6: Introduction to security, IBM RACF®, digital certificates and public key infrastructure (PKI), Kerberos, cryptography and IBM z9® integrated cryptography, Lightweight Directory Access Protocol (LDAP), and Enterprise Identity Mapping (EIM) Volume 7: Printing in a z/OS environment, Infoprint Server, and Infoprint Central Volume 8: An introduction to z/OS problem diagnosis Volume 9: z/OS UNIX System Services Volume 10: Introduction to IBM z/Architecture®, IBM System z® processor design, System z connectivity, logical partition (LPAR) concepts, hardware configuration definition (HCD), and Hardware Management Console (HMC) Volume 11: Capacity planning, performance management, Workload Manager (WLM), IBM Resource Measurement FacilityTM (RMFTM), and System Management Facilities (SMF)




Synchronizing IBM RACF Data by using IBM Tivoli Directory Integrator


Book Description

This IBM® RedpaperTM publication provides an example of a solution to synchronize an IBM RACF® user ID, password, and password phrase data between IBM z/OS® and IBM z/VM® systems, or just between z/VM systems. Topics that are covered are the installation and customization of IBM Tivoli® Directory Integrator, IBM Tivoli Directory Server, and RACF. Using this basic infrastructure, a sample Tivoli Directory Integrator configuration is presented, which allows for a flexible and extensible means for synchronizing RACF information.




Security on z/VM


Book Description

Discussions about server sprawl, rising software costs, going green, or moving data centers to reduce the cost of business are held in many meetings or conference calls in many organizations throughout the world. And many organizations are starting to turn toward System zTM and z/VM® after such discussions. The virtual machine operating system has over 40 years of experience as a hosting platform for servers, from the days of VM/SP, VM/XA, VM/ESA® and especially now with z/VM. With the consolidation of servers and conservative estimates that approximately seventy percent of all critical corporate data reside on System z, we find ourselves needing a highly secure environment for the support of this infrastructure. This document was written to assist z/VM support and security personnel in providing the enterprise with a safe, secure and manageable environment. This IBM® Redbooks® publication provides an overview of security and integrity provided by z/VM and the processes for the implementation and configuration of z/VM Security Server, z/VM LDAP Server, IBM Tivoli® Directory Server for z/OS®, and Linux® on System z with PAM for LDAP authentication. Sample scenarios with RACF® database sharing between z/VM and z/OS, or through Tivoli Directory Integrator to synchronize LDAP databases, are also discussed in this book. This book provides information about configuration and usage of Linux on System z with the System z Cryptographic features documenting their hardware and software configuration. The Consul zSecure Pro Suite is also part of this document: this product helps to control and audit security not only on one system, but can be used as a single point of enterprise wide security control. This document covers the installation and configuration of this product and detailed information is presented on how z/Consul can be used to collect and analyze z/VM security data and how it can be helpful in the administration of your audit data.




Performance Tuning for IBM Security Directory Server


Book Description

In today's highly connected world, directory servers are the IT cornerstone of many businesses. These components of the corporate infrastructure are the foundation of authentication systems for internal and, more commonly, external user populations. Managing a directory server with several hundred internal users is not all that difficult. However, managing a directory server with several million external users in all 24 time zones throughout the world is a much more daunting task. IBM® Security Directory Server software can handle millions of entries, given the right architecture, configuration, and performance tuning. However, that tuning can differ greatly from tuning for a smaller server with only a few hundred thousand entries. Managing and tuning a directory server of this size requires a change in mindset. Tuning and performance must be a focus even before the hardware is ordered. A proactive approach must be taken after installation also, including the pretuning steps to better interface with other products to make installations and migrations successful, and then regular maintenance to keep the directory running smoothly. This IBM Redbooks® publication is the accumulation of lessons learned in many different real-world environments, including a 24-server fault tolerant configuration with more than 300 million entries. The authors pooled their knowledge and resources to provide the most comprehensive performance view possible, from hardware to software, sort heaps to buffer pools, and table cardinalities. In large directory server deployments, use this document as a guide for how to get the right fit for your environment.




IBM Tivoli Directory Server for Z/OS


Book Description

This IBM® Redbooks® publication examines the IBM Tivoli® Directory Server for z/OS®. IBM Tivoli Directory Server is a powerful Lightweight Directory Access Protocol (LDAP) infrastructure that provides a foundation for deploying comprehensive identity management applications and advanced software architectures. This publication provides an introduction to the IBM Tivoli Directory Server for z/OS that provides a brief summary of its features and a examination of the possible deployment topologies. It discusses planning a deployment of IBM Tivoli Directory Server for z/OS, which includes prerequisites, planning considerations, and data stores, and provides a brief overview of the configuration process. Additional chapters provide a detailed discussion of the IBM Tivoli Directory Server for z/OS architecture that examines the supported back ends, discusses in what scenarios they are best used, and provides usage examples for each back end. The discussion of schemas breaks down the schema and provides guidance on extending it. A broad discussion of authentication, authorization, and security examines the various access protections, bind mechanisms, and transport security available with IBM Tivoli Directory Server for z/OS. This chapter also provides an examination of the new Password Policy feature. Basic and advanced replication topologies are also covered. A discussion on plug-ins provides details on the various types of plug-ins, the plug-in architecture, and creating a plug-in, and provides an example plug-in. Integration of IBM Tivoli Directory Server for z/OS into the IBM Workload Manager environment is also covered. This publication also provides detailed information about the configuration of IBM Tivoli Directory Server for z/OS. It discusses deploying IBM Tivoli Directory Server for z/OS on a single system, with examples of configuring the available back ends. Configuration examples are also provided for deploying the server in a Sysplex, and for both basic and advanced replication topologies. Finally it provides guidance on monitoring and debugging IBM Tivoli Directory Server for z/OS.




z/OS Version 1 Release 13 Implementation


Book Description

This IBM® Redbooks® publication provides information about installation and migration changes to be aware of if you are responsible for migrating systems from IBM z/OS® V1R10, z/OS V1R11, and z/OS V1R12 to z/OS V1R13. It also highlights actions that are needed to prepare for the installation of z/OS V1R12, including ensuring driving system and target system requirements are met and coexistence requirements are satisfied. There is a special focus on identifying new migration actions that must be performed for selected elements when migrating to z/OS V1R13. The book addresses the following topics: - z/OS V1R13 overview, z/OS V1R13 installation, managing volume backups with fast replication, XCF enhancements, console service enhancements - DFSMSdfp, DFSMSoam, DFSMShsm, ISPF enhancements, DFSMSrmm enhancements, establishing IBM RACF® security for RRSF TCP/IP connections - GRS enhancements, BCP supervisor, contents supervisor and RSM updates, improved channel recovery, Service aids enhancements, System Logger - SMF - z/OS UNIX System Services, z/OS UNIX-related applications, RRS, z/OS Management Facility, z/OS HCD and HCM, C language - Storage management enhancements, Common Information Model, Predictive Failure Analysis, Extended Address Volume, BCPii, Capacity Provisioning - System SSL enhancements, UNICODE, IBM Language Environment®, SDSF enhancements, JES2 enhancements, JES3 enhancements, IBM RMFTM enhancements - IBM WebSphere® Application Server OEM, z/OSMF, CIM, and Capacity Provisioning setups - BCPii Metal C example




z/OS Version 1 Release 11 Implementation


Book Description

This IBM® Redbooks® publication positions the new z/OS® Version 1 Release 11 for migration by discussing many of the new functions that are available. The goal for the z/OS platform is to eliminate, automate, and simplify tasks without sacrificing z/OS strengths, and to deliver a z/OS management facility that is easy to learn and use. z/OS is a highly secure, scalable, high-performance enterprise operating system on which to build and deploy Internet- and JavaTM-enabled applications, providing a comprehensive and diverse application execution environment. This books describes the following new and changed functions: - IBM z/OS Management Facility - Allocation enhancements in z/OS V1R11 - BCPii function enhancements in z/OS V1R11 - JES2 and JES3 enhancements - zFS file sharing enhancements - Extended access volume enhancements - Choosing whether to run zAAP work on zIIP processors - System REXX enhancements in V1R11 - RRS global panel options - Service aids enhancements in V1R11 - GRS ENQ contention notification enhancements and analysis for GRS latches - Basic HyperSwap® support enhancement - Message Flood Automation enhancements - Program Management new Binder IEWPARMS - Predictive failure analysis (PFA) - SMF enhancements in V1R11 - System Logger enhancements - XCF/XES enhancements in V1R11 - AutoIPL support - Displaying PDSE caching statistics - ISPF enhancements - IBM Health Checker for z/OS enhancements




Recent Books