The connector applies to OS/400 version V4R5 and above.
When the connector sets a password for a user it will login to iSeries using an iSeries user that possesses the privileges required for this operation. Necessary administrator privileges:
- *SECADM (Security Administrator)
- *ALLOBJECTS (only required if MyPass should be able to set passwords on elevated eg. Secadm accounts)
Remote Command (*RMTSRV)
The Remote Command port is used for connecting to the iSeries machine. Therefore the Remote Command exit point needs to be configured.
If there are machines connected to the iSeries using IFS and you wish to to make use of synchronization from AD, you would require at least iSeries Password level 2.(Password Level 1 can be used when limiting the AD Password Policy using the Password Filter)
The default setup is to use SSL connection between the iSeries and Password Manager machine. This setting can be changed by setting the SSL mode key to false in the file: \FastPassGateway\bin\ConnectorIBMSystemI\fpc101.properties
For SSL, please follow IBMs description on how to let IBM Tool Box for Java and iSeries communicate over SSL: http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzahh/ssltrad.htm
The MyPass Cloud includes a tool for getting the Java keystore created on the windows server in an easy manner. Please look at the appendix for doing this.