Requirements for configuring a single sign-on environment

Your system must meet the following hardware and software prerequisites before implementing a single sign-on environment.

Requirements for IBM i 5.4, or later

To create a successful single sign-on environment, ensure that all these requirements are met:

  • IBM® i 5.4, or later, is installed.
  • Latest IBM i program temporary fixes (PTFs) are applied.
  • IBM i Host Servers (5770-SS1 Option 12) is installed.
  • Qshell Interpreter (5770-SS1 Option 30) is installed.
  • TCP/IP and basic system security are configured.

If you intend to use the Synchronize Functions wizard in System i® Navigator to propagate an existing single sign-on configuration across multiple systems or if you intend to configure Management Central servers for single sign-on using System i Navigator, ensure all these requirements are met:

  • IBM i 5.4, or later, is installed.
  • Latest IBM i program temporary fixes (PTFs) are applied.
  • IBM i Access for Windows 5.4, or later, is installed.
  • Latest IBM i Access for Windows service pack is installed.

    For information about acquiring the latest service pack, see, IBM i Support web pagelink outside the Information Center.

  • IBM i Host Servers (5770-SS1 Option 12) is installed.
  • Qshell Interpreter (5770-SS1 Option 30) is installed.
  • TCP/IP and basic system security are configured.
  • If you intend to use the Synchronize Functions wizard, configure the systems to use Secure Sockets Layer (SSL) to protect the transmission of sensitive configuration information, such as passwords.TCP/IP and basic system security are configured.

Client PC requirements

To create a successful single sign-on environment, ensure that all these requirements are met:

  • Microsoft Windows is used.
  • IBM i Access Client Solutions (5733-XJ1) is installed.
  • TCP/IP is configured.

If you intend to use the Synchronize Functions wizard in System i Navigator to propagate an existing single sign-on configuration across multiple systems or if you intend to configure Management Central servers for single sign-on using System i Navigator, ensure all these requirements are met:

  • Microsoft Windows operating system is used.
  • IBM i Access for Windows, 5.4, or later, is installed.
    • Network component of System i Navigator is installed on PC that administers single sign-on.
    • Security component of System i Navigator is installed on PC that administers single sign-on.
  • Latest IBM i Access for Windows service pack is installed.

    For information about acquiring the latest service pack, see, IBM i Support web pagelink outside the Information Center.

  • TCP/IP is configured.

Microsoft Windows server requirements

To create a successful single sign-on environment, ensure that all these requirements are met:

  • Hardware planning and setup are completed.
  • Windows server is used.
  • Windows Support Tools (which provides the ktpass tool) is installed.
  • TCP/IP is configured.
  • Windows domain is configured.
  • Users within the network are added to a Windows domain through Microsoft Windows Active Directory.

You can use the provided planning work sheets to help you gather information and make decisions for your single sign-on implementation. Each work sheet contains a list of tasks that need to be completed.