Recent Posts

Pages: [1] 2 3 4 5 6 ... 10

MP Server / Re: ARSLSYNC Question

« Last post by Justin Derrick on Today at 09:05:04 AM »

What's the advantage to mirroring this data locally? The System Log only records the User IDs anyway. If you want to look up who a user is, copy & paste the User ID into your LDAP Client / Org Chart / Teams / eMail client, and you should get the information you're looking for.

I agree about the Enhancement Request, but spend the time to think through how it would be implemented and what features you (and other CMOD customers) might want.

-JD.

MP Server / ARSLSYNC Question

« Last post by JeanineJ on Today at 06:32:56 AM »

This is for implementations that use the Thick Client for users to retrieve documents.
I have finally gotten ARSLSYNC working in my sandbox enviroment. YAY Me!
I'm not really thrilled with what I'm seeing.
We are using sAMAccountName for the BIND and MAPPED attributes for LDAP which track back to how we identify employees and contractors in my company.
For the SYNC we're setting USER_FILTER to objectClass=user memberOf... and for GROUP_FILTER = objectClass=group cn=CMOD*dev (yes I'm skipping typing in the full text, just go with me.)
When I run the SYNC I only get the value for the User ID but not the Name or Descriptions that we use when manually loading a user to CMOD. IBM Lab Services says that's all we get and I'm not thrilled. I like to see names and departments that go with the user ID.
Does anyone else care? Has anyone else be able to solve this? Lab Services suggested I request an enhancement to ARSLSYNC.
Because of this we're delaying our ARSLSYNC provisioning until next year.

z/OS Server / Re: CMOD 10.5 Release Notes

« Last post by Ed_Arnold on April 30, 2024, 11:57:54 AM »

Quote from: Ed_Arnold on February 08, 2024, 02:01:48 PM

At 10.5.0.7 the default TLS (SSL) level for both clients and the server flips from TLS V1.2 to TLS V1.3.

If implementing TLS for the first time, things might be easier if all of CMOD, clients and servers, are at 10.5.0.7 first.

10.5.0.8 Release Note --- recommended for TLS V1.3

Changed in 10.5.0.8 is that if GSK_V3_CIPHER_SPECS_EXPANDED is not specified and you want TLS 1.3, development has added TLS 1.3 ciphers to the default ciphers.

If prior to 10.5.0.8, specify GSK_V3_CIPHER_SPECS_EXPANDED=130313011302C02CC02BC030C02FC024C023 to ensure the TLS 1.3 cipher pairs (1301, 1302, 1303) are available.

Ed

z/OS Server / Re: CMOD 10.5 Release Notes

« Last post by Ed_Arnold on April 30, 2024, 11:52:55 AM »

10.5.0.7 - the default IMDS switches from V1 to V2

The Instance Metadata Service Version 2 (IMDSv2) adds protections; specifically, IMDSv2 uses session-oriented authentication with the following enhancements: IMDSv2 requires the creation of a secret token in a simple HTTP PUT request to start the session, which must be used to retrieve information in IMDSv2 calls

Announcements & News / Re: ALERT: GSKit 8.0.55.26+ & Post-Quantum Cryptography

« Last post by Justin Derrick on April 26, 2024, 11:41:42 AM »

Just a quick update since CMOD v10.5 FP8 was released this week. The new FixPack doesn't change the behaviour of CMOD, because altering the current behaviour would mean that OnDemand would no longer be FIPS compliant.

The documentation has been updated to describe the change, but I imagine it would be trivial to miss this very important change: https://www.ibm.com/docs/en/cmofm/10.5.0?topic=clients-setting-up-ssl-windows

-JD.

Pages: [1] 2 3 4 5 6 ... 10

OnDemand User Group

News:

Recent Posts

MP Server / Re: ARSLSYNC Question

MP Server / ARSLSYNC Question

z/OS Server / Re: CMOD 10.5 Release Notes

z/OS Server / Re: CMOD 10.5 Release Notes

Announcements & News / Re: ALERT: GSKit 8.0.55.26+ & Post-Quantum Cryptography

MP Server / Re: ARSJESD

MP Server / Re: ARSLSYNC Issues

MP Server / Re: ARSLSYNC Issues

MP Server / Re: ARSLSYNC Issues

MP Server / Re: ARSLSYNC Issues