Password Synchronization with IBM i/AS400 system
Prerequisite
The following ports are required to have free access when configuring password synchronization betwee IBM iSeries and Windows Active Directory: 137, 139, 397, 445 to 449, 512, 2001, 3000, 5010, 5544, 5555, 8470 to 8476, 8480.
Steps to configure IBM i/AS400 system accounts with ADSelfService Plus
Important : Install the Password Sync Agent to synchronize native password changes and resets.
-
Log into ADSelfService Plus admin console with admin credentials.
-
Navigate to Configuration → Self-Service → Password Sync/ Single Sign On.
-
Select the IBM i/AS400 application.
Note:
You can also find IBM i/AS400 application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
-
Enter the Application Name and Description.
-
In the Assign Policies field, select the policies for which password sync need to be enabled.
Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
-
Select Enable Password Sync.
-
Enter the System name or IP address of the IBM i/AS400 system.
-
Enter the Username and Password of the user account that belongs to the Security officer (QSECOFR) account class in the IBM i/AS400 system.
-
Click Add Application.
Don't see what you're looking for?
-
Visit our community
Post your questions in the forum.
-
Request additional resources
Send us your requirements.
-
Need implementation assistance?
Try onboarding