Can IBM LDAP be used to update the Top Secret for z/VSE Security File?

Can IBM LDAP be used to update the Top Secret for z/VSE Security File?

IBM LDAP currently doesn't have the ability to update the Top Secret for z/VSE security file.

Broadcom has its own version of  LDAP called  LDAP, but only runs on the z/OS platform. There aren't any versions that run on z/VM/ z/VSE or z/Linux.

LDAP allows you to issue security checks, authenticate, extract information from the security file and make TSS administrative changes to Top Secret for z/OS.

PAM allows you to validate signons on z/Linux. It requires LDAP. When a signon occurs in z/Linux, PAM will make a call to LDAP and authenticate the userid and password. This means the userid and password must exist on Top Secret for z/OS.

If the validation is successful or unsuccessful, we let PAM know and it allows or fails the signon on z/Linux.

Currently there is no equivalent of PAM that runs on z/VM and z/VSE.