Information Technology Reference
In-Depth Information
smartcard technologies that will allow better integration, such as Sun's Sun
Ray system. It depends on how far you want to go to acquire seamless
integration and how you define “good enough”.
Mainframe “green screen” programs have their own security model
(RACF/ACF2). The best that we believe is possible is to hook up the
provisioning on the mainframe with IAM's User Event Bus. Having template
or model users with canned access rules is a good shortcut for user
provisioning, since these can be referenced when creating new users. Access
Management will have to be handled entirely by the mainframe.
For Unix system accounts, consider using a Pluggable Authentication Module
(PAM) to interface with the IAM directory rather than rely on the local
“passwd” and “shadow” files to store user data.
