AS400 Single Sign On

I am trying to setup the AS400 to see my network shares and I know your account in the AS400 and Windows needs to be the same. I can see the servers through my AS400 but not the shares on the server. Also my windows account seems to get locked out when I try and access a server through the iSeries Navigator. I am assuming this is due to the credentials not matching, which they are. However I do not have the single sign on feature working for the AS400 and I am wondering if this is why I am not seeing the shares.

When I change the iSeries Navigator to use windows credentials I get an error CWBSY1040 Windows logon credentials are unavailable. I am not sure what to do with this, and I can not seem to find an answer anywhere. The AS400 is set to *VERIFY for the QRMTSIGN. Any ideas?



What OS version on both systems?



What OS version on both systems?



For the servers? I have windows shares on mainly Server 2008

I believe we are running iSeries 5.3 or 5.4

My PC is a windows 7 machine.



When dealing with V5R2 and later IBM i releases, and relatively recent versions of Windows, including Windows 7 and Windows Server 2008, implementing Enterprise Identity Mapping (EIM) is the best alternative. EIM is the IBM AS/400 / iSeries / i technology for enabling single-sign-on. EIM allows you to associate a Windows ID with an IBM i ID, with no ID name restrictions, and no need to synchronize passwords. With EIM, the IBM i "trusts" Windows authentication.

http://www.redbooks.ibm.com/abstracts/sg246975.html

Without EIM, you're just going to have issues. You have to synchronize ID names and passwords. You're going to have to deal with the occasional disabled user ID. Traditionally, as Microsoft has changed share security and authentication schemes, shares suddenly stop working after upgrades, etc. Do yourself a favor and implement EIM if you can.

If not, then you're going to need to understand the version-specific needs of each Windows system, and the limitations of each IBM i OS version. IBM i NetServer is the IBM i feature that enables Windows file and print sharing (SMB/CIFS). There is a long list of considerations and restrictions when using NetServer with Windows 7 and Windows 2008. Here's the IBM Technote on Netserver and Win 7 / Win 2008:
http://www-01.ibm.com/support/docview.wss?uid=nas8N1018525

One last note: V5R3 has been out of support for quite a while. If this is your release, you may have a difficult time integrating such an old version of IBM i with newer versions of Windows. Technote above only deals with V5R4 and later.

Another useful technote:
http://www-01.ibm.com/support/docview.wss?uid=nas8N1016520

Hope that helps.

- Gary





Share this

Related Posts

There was an error in this gadget