Compatibility with IBM LDAP and Top Secret for z/VSE and z/VSE

Can Top Secret for z/VSE and z/VM be configured to use IBM LDAP?

From a Top Secret z/VSE and z/VM, IBM LDAP is just another program.

It needs to be authorized to any program, dataset and any Top Secret protected resource.

It is not treated any differently than any other batch program.

There is no built in functionality that allows Top Secret z/VSE and z/VM to communicate with IBM LDAP and update the security file.

Broadcom has its own version of LDAP.

Currently, Broadcom LDAP only runs on the z/OS platform. There aren't any versions that run on z/VM/ z/VSE or z/Linux.

Broadcom LDAP allows you to issue security checks, authenticate, extract information from the security file and make TSS administrative changes to Top Secret for z/OS.

Broadcom PAM allows you to validate signons on z/Linux. It requires Broadcom LDAP. When a signon occurs in z/Linux, Broadcom PAM will make a call to Broadcom LDAP and authenticate the userid and password. This means the userid and password must exist on Top Secret for z/OS.

If the validation is successful or unsuccessful, we let Broadcom PAM know and it allows or fails the signon on z/Linux.

Currently there is no equivalent of Broadcom PAM that runs on z/VM and z/VSE.