Native Authentication

The native platform authentication service allows users to logon to Z and I Emulator for Web using the same password as they would to logon to the operating system (Windows NT, AIX or z/OS) where Z and I Emulator for Web is active. When a user logs on to Z and I Emulator for Web, their password is validated against the system password, rather than a separate Z and I Emulator for Web password. This gives the Administrator a single point of control for password administration, and the user a single password to remember.

When a user logs on:

1. The user ID and password are sent to the Z and I Emulator for Web service manager.
2. The service manager sends a request for logon information about the user to the LDAP server.
3. The LDAP server returns the requested user information and whether or not the user is configured for native authentication.
4. If the user is configured to use native authentication, the service manager sends the authentication user ID and the password to the operating system for verification. If the user is not configured for native authentication, the service manager compares the password that was entered by the user with the password returned by the LDAP server.

To allow users to have passwords with upper case letters, add LowerCasePasswords = false to the file NSMPROP, located in the install_directory\lib directory. The service manager reads this file at startup and uses the LowerCasePasswords parameter to determine password case. Z and I Emulator for Web uses lower case letters by default.

Related Topics

1. Native Authentication requirements
2. Installing the native platform authentication service
3. Starting the native platform authentication service
4. Configuring current users for native authentication
5. Enabling Windows NT users for native authentication