11 April,19 at 11:50 AM
IBM Sterling Connect:Direct components run o Linux/Unix systems, so it's very easy to integrate with AD using Centrify because it's a PAM-aware application. This means it's able to leverage the PAM module provided by Centrify (or any other PAM module) to authenticate users.
if you look at page 43 on the official guide on how to implement PAM on IBM C:D (http://www-01.ibm.com/support/docview.wss?uid=swg27043021), it says:
Edit the initparm.cfg file and add the service name to the ndm.pam:service parameter. The service name we will be using in our test is the default service name “login”, located in /etc/pam.d directory. Make sure to bounce the Connect:Direct application to apply the change.
[cd4104@ironman] /home/cd4104/ndm/cfg/ironman4104 $ vi initparm.cfg
# Miscellaneous Parameters
ndm.path:path=/home/cd4104:
ndm.node:name=ironman4104:
ndm.pam:service=login:
ndm.env_vars:sanitize=n:
So all you need to do is to change the initparm.cfg file and specify login as the ndm.pam:service parameter. This will make IBM C:D look at the OS PAM modules to authenticate users.
Just make sure your users are properly set up at Centrify, i.e. have a UNIX profile and login rights assinged if needed.