This topic guides you through the necessary steps to configure an
enterprise server region with Mainframe Subsystem Support to enable Automated Sign-On for Mainframe. It is assumed that you are using a separate system
to authenticate your users, for example, Host Access Management and Security Server. That system must also request a passtoken
from DCAS.
You must add a new DCAS listener to the region:
- Start the Enterprise Server Administration home page, and then click
Edit for the region you want to create the listener for.
- Click the
Listener tab, and then click
Add.
- In the
Support Conversation Type group, click
Custom.
- In the field next to the
Custom option, type
dcas.
- Configure the listener as required. DCAS listeners must be configured for SSL communication. See
DCAS conversation type and
Secure Communications (SSL) for more information.
Note: Micro Focus recommends you configure both the DCAS and TN3270 listeners with the same SSL server certificate and key. Failure to do so
might result in users being able to incorrectly acquire or fail to acquire passtokens from DCAS.
- You might need to perform additional configuration for an existing TN3270 listener regarding SSL settings. Depending on how
your users' certificates are created, it might be necessary to configure the
Maximum Chain Length and
Match Client Hostname settings. See
To set certificate validation options and
TN3270 conversation type for more information.
Once these steps are completed users can log in using the username and passtoken returned from the management software in
use. This process is usually automated by a macro which automatically populates the username and password fields with the
values returned from the authentication software.
See
DCAS Security for additional information regarding DCAS security considerations and options.