Authorized applications, such as servers, can invoke the R_proxyserv callable service (IRRSPY00) to request the services of the z/OS LDAP server to retrieve information from a directory information tree (DIT) on an LDAP directory. (For an example of an X.500 DIT, see Figure 1.) IRRSPY00 can be successfully invoked by applications that execute in Language Environment® and by those that do not.

You authorize these servers by administering a FACILITY class resource called IRR.RPROXYSERV. The server must be associated with a RACF® user ID or group that has at least READ authority to this resource to successfully invoke IRRSPY00.

Use of IRRSPY00 requires the installation of the z/OS LDAP server and the LDAP server must operate in program call (PC) support mode and support the extended operations (EXOP) backend. For information about configuring this support, see z/OS IBM Tivoli Directory Server Administration and Use for z/OS.