WAVV Requirement Form

 

Date: 4/10/2006                                           Requirement #:  WAVV200633

Product Name:    z/VSE           Product Release# (or state “current”): current

Vendor Name:     IBM

 

Title: (Paraphrase problem in a single statement)z/VSE Security (BSM & ESM) integration with LDAP

Detailed Problem Description: (Description of what you want changed - 400 character entry limit)

 

z/VSE does not support integration with external security services like LDAP.  z/VSE also doesn't support long userids and complex passwords.

                                                                                            

Priority: (Select one: Urgent - High - Medium - Low) High

Requested Completion Date: (When? Examples: 3 months, 1 year, Next Release) Next Release

Requirement Type: (Select one: Acceptability - Compatibility/Migration - Ease of Use - Feature/Function - Performance - Reliability/Availability/Serviceability - Packaging - Interoperability)

Interoperability

Business Justification: (Why? Non-technical business case description. Do not reword Detailed Problem Description from above. What are the benefits to be gained by your company, and the vendor and others?  Quantify: run time, dollars, manpower, etc.   Why should the vendor do this for the customer?)

 

In my environment, single signon has been requested for some time.  In addition, the use of 4 character IDs has been considered an audit exception.  Company policy requires that an 8 character minimum LogonID be used.  Our policy also requires that the password strength be enforced to only allow complicated passwords (i.e. passwords containing mixed case plus numerics and/or special characters).

Solution: (Optional)(Desired/undesired elements Note: Making a suggestion may limit a vendors ability to deliver a solution)

 

Provide LDAP client function on z/VSE that could validate LogonID and Password within an LDAP environment.  This would provide a single signon between z/VSE and all other systems that can authenticate against LDAP (i.e. Linux and UNIX systems, Windows Servers, etc.).  z/VSE would also need to provide a facility to map LDAP IDs to VSE IDs so userids greater than 4 characters could be used.

Impact: (Optional) (How will your company’s business be affected if a solution is not delivered?)

 

Without a solution, our internal auditors will continue to find our z/VSE systems not in compliance with our corporate IT policy.

 

Company Name:        ADI (a division of Honeywell)                                                                      

Author Name:            Ken Ripple                               Author Title: Director IT

Author Address:         263 Old Country Rd.

Author E-mail:            ken.ripple@honeywell.com

Telephone:                 (631) 692-1714