ADSelfService Plus' Real-time Password Synchronizer assists administrators by ensuring that the password changes made natively in the Windows interface are synchronized with the IBM servers. Password Sync Agent accomplishes real-time synchronization in seconds, which means when users change or reset their Active Directory password, the new password will automatically be synced with the IBM servers. It is to note that the linking of AD accounts with the IBM servers can be done based on any AD attribute.
This article gives you the step-by-step instructions to integrate IBM System i/AS400 with Active Directory for synchronizing passwords using ADSelfService Plus.
Prerequisite:
Ports required to have access: 137, 139, 397, 445 to 449, 512, 2001, 3000, 5010, 5544, 5555, 8470 to 8476, and 8480.
Steps involved:
- Log into the ADSelfService Plus web console with admin credentials.
- Navigate to Configuration tab > Self-Service > Password Sync/Single Sign On.
- In the dashboard which displays the list of applications supported by ADSelfService Plus, click on the IBM i/AS400 System pane.
- Enter the System Name/IP Address of the machine in which IBM i/AS400 resides.
- Type the User Name and Password of the account with IBM i QSecurity Officer (QSECOFR) authority.
- Enter an appropriate Description.
- From the Available Policies drop-down list, select the policies for which the synchronization of passwords must occur.
- Click Save.
Like this tip? Get the most of ADSelfService Plus by checking out more tips and tricks here.