4. Configure Authentication and Authorization

Automated Sign-on for Mainframe requires users to authenticate to the MSS Administrative Server by using a smart card, username and password, or other credentials.


An LDAP directory is required for user authorization.

To configure user authentication and authorization

  1. In the MSS Administrative Console, click Configure Settings - Authentication & Authorization.

  2. Select an Authentication method (any other than None).

    Using smart cards. If users will authenticate to the MSS Administrative Server with smart cards, select X.509. Further configuration may be required before running a simple test, noted in When smart cards are used for authentication.

  3. For Authorization method, select Use LDAP to restrict access to sessions.


  4. Scroll to LDAP Servers and click +ADD your LDAP server.

  5. Enter the required information for your LDAP server. Click Help for assistance.

  6. Click Apply. The server is listed under LDAP Servers.

After you configure Authentication and Authorization, proceed to Configure Settings - Automated Sign-on and continue to establish trust between the MSS Administrative Server and the DCAS server.